How to Backdoor the Linux Kernel and Fail - Security Measures in Kernel Development

Explore potential methods for introducing a backdoor into a Linux kernel release in this 32-minute conference talk by Konstantin Ryabitsev from The Linux Foundation. Investigate various attack vectors, including patch submission, git pull request manipulation, tarball replacement on kernel.org, and targeted downloads. Learn about existing security measures that prevent such attacks and examine remaining vulnerabilities in the trust chain. Gain insights into the robust security practices employed by the Linux kernel development community and understand the challenges faced by potential attackers.

How to Backdoor the Linux Kernel (and fail?) - Konstantin Ryabitsev, The Linux Foundation