This AI-assisted patch would let admins disable vulnerable kernel functions until a proper fix ships.
Well, in a sense we already have it. The latest CVE if you removed some specific modules form being loaded it mitigated the attack....so one option would be that as much as possible becomes modules.....
I always thought the wall plug was a pretty good tool when I needed to beat the shit out of my computer not behaving...