GNU/Linux cellular devices are not more private than an appropriately secured Android handset. Given the modem vulnerabilities and poor support for Linux ARM SOCs, I would much rather trust an OS designed from the ground-up to incorporate cellular security. There's a reason Linux was forked to create Android, and not built as an upstream effort. Linux is perfectly secure for a physically secured server rack. It is a nightmare scenario for GSM privacy.
Endpoint security, IP-based GSM networking vs RIL telephony, isolation measures, ISP trust and fingerprinting mitigation, modem transparency, privledged baseband access and SIM vulnerability, to name a few big ones.
Again - Linux for desktops and servers can be great for privacy. For pretty much every single smartphone-based threat vector, it is a free lunch for attackers. We're talking off-the-shelf CVE exploits versus blowing a multi-million dollar zero-day here.
This is all very theoretical and unclear. For example, on Pinephone, the modem runs FLOSS software (except for a small blob managing the tower connections). Also, it's connected via USB, so there is no privileged access for it. I have no idea what ISP trust has to do with that. You can install Tor on the phone. And so on.
