[iw] - Linux bans University of Minnesota for committing malicious code

Richard Forno rforno at infowarrior.org
Wed Apr 21 19:54:39 EDT 2021


Linux bans University of Minnesota for committing malicious code

In a rare, groundbreaking decision, Linux kernel project maintainers have imposed a ban on the University of Minnesota (UMN) from contributing to the open-source Linux project.

The move comes after a group of UMN researchers were caught submitting a series of malicious code commits, or patches that deliberately introduced security vulnerabilities in the official Linux codebase, as a part of their research activities.

Additionally, the Linux kernel project maintainers have decided to revert any and all code commits that were ever submitted from an @umn.edu email addresses.

< - >

https://www.bleepingcomputer.com/news/security/linux-bans-university-of-minnesota-for-committing-malicious-code


..... and here's a Statement from the University of Minnesota’s CS and Engineering Department
https://cse.umn.edu/cs/statement-cse-linux-kernel-research-april-21-2021

Leadership in the University of Minnesota Department of Computer Science & Engineering learned today about the details of research being conducted by one of its faculty members and graduate students into the security of the Linux Kernel. The research method used raised serious concerns in the Linux Kernel community and, as of today, this has resulted in the University being banned from contributing to the Linux Kernel.

We take this situation extremely seriously. We have immediately suspended this line of research. We will investigate the research method and the process by which this research method was approved, determine appropriate remedial action, and safeguard against future issues, if needed. We will report our findings back to the community as soon as practical.

Sincerely,

Mats Heimdahl, Department Head
Loren Terveen, Associate Department Head


More information about the Iw mailing list