Huawei has denied having any official involvement in an insecure patch submitted to the Linux kernel project over the weekend, which introduced a "trivially exploitable" vulnerability. According to the tech giant, an employee submitted code as part of a personal project, not on behalf of the company.
The buggy patch was submitted to the official Linux kernel project via its mailing list on Sunday. Named HKSP (Huawei Kernel Self Protection), the patch allegedly introduced a series of security-hardening options to the Linux kernel.
Big tech companies that heavily use Linux in their data centers and online services, often submit patches to the Linux kernel. Companies like Google, Microsoft, Amazon, and others have been known to have contributed code.