Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 22 Apr 2021 14:09:19 -0400
From: Francis Booth <influencedchaos@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Malicious commits to Linux kernel as part of
 university study

Mark,

>From my understanding from the LKML there were at least 3 patches submitted
by Aditya which did manage to make it into the stable trees.

https://lore.kernel.org/linux-nfs/CADVatmNgU7t-Co84tSS6VW=3NcPu=17qyVyEEtVMVR_g51Ma6Q@mail.gmail.com/

So I think we can agree that there may be more submissions that have made
it through that we aren't yet aware of.


On Thu, Apr 22, 2021 at 1:58 PM Mark Steward <marksteward@...il.com> wrote:

> On Thu, Apr 22, 2021 at 6:23 PM Ariadne Conill <ariadne@...eferenced.org>
> wrote:
> ...
> > By mining the LKML archive, it may be possible to find the original set
> of
> > patch submissions by searching for similar keywords as the messages from
> > Aditya.  If somebody can do that, then we would be able to determine at
> > least some of the emails likely to have originated the patches.
> >
>
> This looks like a good guess to me, and if correct, means none of the
> submissions in the paper were successful:
>
>   https://lore.kernel.org/linux-nfs/YIEqt8iAPVq8sG+t@sol.localdomain/
>
>
> Mark
>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.