[fulafel]

Yes, of course. But the flip side is that any given bug is unlikely to be a covert backdoor.

Considering the scrutiny Huwaei is under, and how this patch was not proposed or destined to any existing used Linux component, this would be an odd risk-reward equation.

I fear this will be a nail in the coffin for any freedoms Huawei employees had to participate in open source infosec dev community on their own volition. We should be encouraging this kind of participation, not publically crucifying beginning participants and their employers for mistakes.