I love talking about newly found bugs with ancient histories. This is a nine-year-old bug in the nftables feature in Ubuntu's kernel.
What's notable here is that this isn't an obscure area of code. The researchers even state, "Throughout 2022 and 2023 more than a dozen vulnerabilities were found in this subsystem and multiple LPE exploits relied on them."
What stands out for me is how they described their approach in choosing what to audit and the question it brings up about when audits have found all the useful bugs. After all, if we spend time continuously auditing one section of code, that means other areas are being neglected.
In other words, when do we know we've had enough eyes to find all the shallow bugs?