Greg Kroah-Hartman bans University of Minnesota from Linux development for deliberately buggy patches

Advisories

Discover Organizations/Events News

Greg Kroah-Hartman bans University of Minnesota from Linux development for deliberately buggy patches

Greg Kroah-Hartman bans University of Minnesota from Linux development for deliberately buggy patches

Some researchers from the University of Minnesota tried to slip bad patches into the Linux kernel as a "test." When they kept trying, Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch, put an end to their efforts by banning their university from Linux development.

Thanks to the Solarwinds security breachsoftware supply chain attacks have become an important issue. Naturally enough, there's a lot of research being done into these attacks. Two graduate students at the University of Minnesota working on a paper entitled, "On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits" tried to put the Use-After-Free (UAF) vulnerability into the Linux kernel. This kind of Red Team security testing is commonplace… when the project includes people who know what's going on beforehand. That wasn't the case here. When they tried it again, Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch, had had enough. 

Kroah-Hartman, one of the most respected of all the Linux kernel developers, tweeted, "Linux kernel developers do not like being experimented on, we have enough real work to do." 

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.