This site may contain outdated or incomplete information.
kernel.org infrastructure compromise
While the kernel.org compromise didn’t likely involve source code (and would have had limited impact), from gkh’s mail: “the compromise of kernel.org and related machines has made it clear that some developers, at least, have had their systems penetrated.”
Impact
Clean installs were recommended, checking package signatures, logs, etc., for all kernel developers and then rotating PGP keys.
Type of compromise
Dev Tooling & Publishing Infrastructure.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.