here is what seems to be the relevant documentation: https://docs.kernel.org/process/security-bugs.html

see "If you resorted to AI assistance to identify a bug, you must treat it as public." and https://docs.kernel.org/process/security-bugs.html#responsib...