'Re: [oss-security] Malicious commits to Linux kernel as part of university study'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Malicious commits to Linux kernel as part of university study
From:       Francis Booth <influencedchaos () gmail ! com>
Date:       2021-04-22 18:09:19
Message-ID: CAFvHPjvbJiaq6Jt_U9ybSBbwzD1JDVTiq5SeAJscU2NQyfJUdw () mail ! gmail ! com
[Download RAW message or body]


Mark,

From my understanding from the LKML there were at least 3 patches submitted
by Aditya which did manage to make it into the stable trees.

https://lore.kernel.org/linux-nfs/CADVatmNgU7t-Co84tSS6VW=3NcPu=17qyVyEEtVMVR_g51Ma6Q@mail.gmail.com/

So I think we can agree that there may be more submissions that have made
it through that we aren't yet aware of.


On Thu, Apr 22, 2021 at 1:58 PM Mark Steward <marksteward@gmail.com> wrote:

> On Thu, Apr 22, 2021 at 6:23 PM Ariadne Conill <ariadne@dereferenced.org>
> wrote:
> ...
> > By mining the LKML archive, it may be possible to find the original set
> of
> > patch submissions by searching for similar keywords as the messages from
> > Aditya.  If somebody can do that, then we would be able to determine at
> > least some of the emails likely to have originated the patches.
> >
>
> This looks like a good guess to me, and if correct, means none of the
> submissions in the paper were successful:
>
>   https://lore.kernel.org/linux-nfs/YIEqt8iAPVq8sG+t@sol.localdomain/
>
>
> Mark
>


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic