Just because the kernel does things wrong all over the place, it doesn't mean having too many syscalls specifically is not itself wrong.
>Cite the specific functionality you think is being shipped in an insecure way.
The whole Linux kernel. Complexity in privileged code is cancer.
For an example of how to do a kernel properly, refer to seL4.