Linux kernel developers completed an audit of all patches from University of Minnesota

Technical Council of the Linux Foundation organization published A consolidated report with an incident analysis with researchers from the University of Minnesota associated with An attempt to promote patches in the core containing hidden errors leading to vulnerabilities. The kernel developers confirmed the previously published information that out of 5 patches prepared during the study “ Hypocrite Commits ” , 4 patch with vulnerabilities were immediately rejected at the review stage and did not fall into the core repository. One patch was accepted, but he correctly corrected the problem and did not contain errors.

435 commits were also analyzed, including corrections sent by developers from the Minnesota University and not related to the experiment to promote hidden vulnerabilities. Since 2018, a group of researchers from the University of Minnesota has actively participated in correcting errors. Re-reviewed did not reveal the commitments of malicious activity in these commitments, but revealed separate uninforced errors and flaws.

349 Commits are recognized as correct and left unchanged. In 39 Commits about, problems requiring corrections are detected – these commits are canceled and to the release of the core 5.13 will be replaced by more correct corrections. Errors in 25 commits turned out to be corrected in subsequent changes. 12 Commits have lost their relevance, as they affected outdated systems, already removed from the kernel. One of the correct commits was canceled on the author’s request. 9 Correct commits were shipped from addresses @ umn.edu long before the formation of a study group of researchers.

/Media reports.