On Mon, 24 May 2021, SAIFI wrote:
we posted this as a community update on 2021-04-21
CS folks from the Univ of Minnesota were trying to introduce vulnerabilities
into Linux kernel as part of a research study. The idea is to send
known-buggy patches to see how the kernel folks would react to them.
On the feasibility of stealthily introducing vulnerabilities in Open Source
Software via Hypocrite commits
https://github.com/QiushiWu/qiushiwu.github.io/raw/main/papers/OpenSourceInsecurity.pdf
now it has taken 80 developers to revert the commits and fix the
vulnerabilities leading to kernel 5.13-RC3 release.
please see the 2021-05-20 commit log here
https://lore.kernel.org/lkml/[email protected]/
warm regards
Saifi.
