A discovered vulnerability for privilage escalation https://thehackernews.com/2023/07/researchers-uncover-new-linux-kernel.html?m=1
If system security is the most important criteria above everything else, switch to using BSD.
Opencve.
Also, just hook up to yum and keep that test VM set updating daily.
EL has been so stable that I’ve had a good portion of the herd cron-yumming for about 20 years now. It’s gone about 2% to shit since systemd and networkmangler and other useless fridge art, but it’s still the easiest method to avoid 95% of problems.
You may not like the numbers, but 7 THOUSAND consecutive successful update runs is a decent enough track record for me. Make sure to needs-rebooting
on a decent schedule.