If you flash Linux onto a device like this, the constant stream of discovered and fixed Linux security holes is bound to eventually bite you without frequent & robust OTA update regimen that requires staffing. It's not really a "jury's still out" type of question: https://www.cvedetails.com/product/47/Linux-Linux-Kernel.htm...

(Not that it's an easy with a simpler software stack either of course but you can have a fighting chance at least)