[1]https://arstechnica.com/security/2016/09/linux-kernel-security-needs
   -fixing/
   Based on the number of concurrent discovered bugs, at least a few.
   Statistical techniques won't work when it is only discovered bugs.
   [2]https://en.wikipedia.org/wiki/Selection_bias
   But the fact that severe bugs are in a distro for over a year makes it
   irrelevant how many there is. A systematic effort to search for bugs
   and to anonymously create honeypots is needed.
   Arguably the best technique would be to reuse TOR directory server
   private keys as bitcoin addresses for a crowdsourced bug bounty effort.

References

   1. https://arstechnica.com/security/2016/09/linux-kernel-security-needs-fixing/
   2. https://en.wikipedia.org/wiki/Selection_bias