Skip to main content

Linux kernel team rejects University of Minnesota researchers’ apology

posted onApril 27, 2021
by l33tdawg
Arstechnica
Credit: Arstechnica

Last week, senior Linux kernel developer Greg Kroah-Hartman announced that all Linux patches coming from the University of Minnesota would be summarily rejected by default.

This policy change came as a result of three University of Minnesota researchers—Qiushi Wu, Kangjie Lu, and Aditya Pakki—embarking on a program to test the Linux kernel dev community's resistance to what the group called "Hypocrite Commits."

The trio's scheme involved first finding three easy-to-fix, low-priority bugs in the Linux kernel and then fixing them—but fixing them in such a way as to complete what the UMN researchers called an "immature vulnerability":

    We employ a static-analysis tool to identify three "immature vulnerabilities" in Linux, and correspondingly detect three real minor bugs that are supposed to be fixed. The "immature vulnerabilities" are not real vulnerabilities because one condition (such as a use of a freed object) is still missing [...] We construct three incorrect or incomplete minor patches to fix the three bugs. These minor patches however introduce the missing conditions of the "immature vulnerabilities."

Source

Tags

Linux

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th