in my opinion for anything internet connected not updating the kernel is a liability
security patches of an LTS kernel are as much updates as moving to a newer kernel version
custom non in-tree drivers are generally an anti-pattern
the kernel interface is quite stable
automated testing tools have come quite a way
===> you should fully update the kernel LTS isn't needed
the only offenders which makes this hard are certain hardware vendors mostly related to phones and IoT which provide proprietary drivers only and also do not update them
even with LTS kernels this has caused ton's of problems over time maybe 6-years LTS being absconded in combination with some legislatures starting to require security updates for devices for 2-5 years *after sold* (i.e > released) this will put enough pressure on to change this for a better approach (weather that are user land drivers, in-tree drivers or better driver support in general)
security patches of an LTS kernel are as much updates as moving to a newer kernel version
custom non in-tree drivers are generally an anti-pattern
the kernel interface is quite stable
automated testing tools have come quite a way
===> you should fully update the kernel LTS isn't needed
the only offenders which makes this hard are certain hardware vendors mostly related to phones and IoT which provide proprietary drivers only and also do not update them
even with LTS kernels this has caused ton's of problems over time maybe 6-years LTS being absconded in combination with some legislatures starting to require security updates for devices for 2-5 years *after sold* (i.e > released) this will put enough pressure on to change this for a better approach (weather that are user land drivers, in-tree drivers or better driver support in general)