Anyone who works as a Linux It Pro tracks security vulnerability reports knows of the ridiculous amount that reference holes in Linux. For whatever reason this is never talked about and Linux gets this magic aura of invulnerability. Part of the confusion lies with the complexity of the open source Linux model that separates Linux "Distributions" from Linux "Kernel" vulnerabilities. Now if you start looking into and adding up Linux "Distribution" vulnerabilities that see more can take you into the hundreds upon hundreds of security holes that are never talked about.