[Will_Do]

I guess the question I have is "Did any *previous* research done by UMN successfully introduce bugs into the Linux Kernel git commit log?"

There are weasel words in this statement that make it unclear and the researchers have been really dishonest already. But! If it's true that their research has never made it out of email chains then it does seem like the reaction is a bit disproportionate to the damages here.

[finnthehuman]

Lu has posted to LKML today, weasel wording around when asked point blank for a list of everything malicious sent to the kernel.

https://lore.kernel.org/lkml/YIBMKSovJumS79SR@pendragon.idea...

e: Not getting pulled into a maintainer tree isn't enough to be safe about what was posted to a kernel mailing list. People can (and testing scripts blindly do) grab and apply patches on the mailing list.

[hannasanarion]

Much focus is on the 3 patches from the paper last year, but others have been submitted before and since by the same group, and some that have been found to be malicious did make it into the Stable branch: https://lore.kernel.org/lkml/78ac6ee8-8e7c-bd4c-a3a7-5a90c7c...