Thursday, September 1, 2011

Break-in at Kernel.org

An unknown attacker managed to gain root privileges on several of the main Kernel.org servers, the primary distribution site for the Linux kernel and some closely related software. As the news item on the site explains, the administrators detected the break-in on 28 August.
Unusual behaviour on the servers had already been noticed around the middle of the month; after a reboot and a kernel update, kernel panics followed, which ultimately led to the discovery of the intrusion. According to the investigation so far, the intruder first obtained access through a compromised user account. Presumably he then worked his way up to root privileges through security holes; more precise details are not yet known.
The administrators assume that the source code repositories have not been altered; this is currently being verified. The statement on the break-in further stresses that the potential damage from an intrusion at Kernel.org is considerably smaller than it would be at other source code hosting sites. The justification is the use of Git for kernel development: Git assigns a SHA-1 hash to every source file (and to every directory tree and commit built from them), so once something has been published it is not possible to alter files without this being noticed. LWN.net chief and kernel hacker Jonathan Corbet explains this in more detail in a blog post on the Linux Foundation site. Git's lead developer Junio C Hamano describes in his blog, also in more detail, the options an attacker has for modifying a Git repository.
Anyone who pulls the Linux source code with Git can therefore be fairly sure of getting a version into which no malicious code has been implanted. The Kernel.org statement, however, makes no specific reference to the integrity of the tarballs and patches of the kernel sources that are linked on the Kernel.org front page. Their integrity can be checked by means of PGP signatures; according to the accompanying description, however, these signatures are generated on a Kernel.org server. Whether the intruder had access to everything needed to sign a modified archive himself is therefore currently unclear.
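To make the Git argument above concrete, here is an added example that is not part of the original post, of Git itself, or of the Kernel.org statement: a pure Python re-implementation of how Git names its blob, tree and commit objects, used to show why a history that developers already hold by commit id cannot be altered quietly on the server. The object layouts follow Git's real format; the file names, contents, commit message and the author line are constructed sample data.

```python
# Added example, not part of the original post or of Git's own code: a pure
# Python re-implementation of how Git names its blob, tree and commit objects,
# used to show why a history published by commit id cannot be altered quietly.
# Object layouts follow Git's real format; file contents, names, the author
# string and timestamp are constructed sample data.
import hashlib
from typing import Dict, Tuple

Store = Dict[str, bytes]  # object id (40-hex SHA-1) -> object body without header


def git_hash(kind: str, body: bytes) -> str:
    """SHA-1 over '<kind> <size>\\0<body>', the scheme git hash-object uses."""
    header = f"{kind} {len(body)}\0".encode()
    return hashlib.sha1(header + body).hexdigest()


def git_blob_hash(data: bytes) -> str:
    """Object id of a file's contents (name and mode are not part of it)."""
    return git_hash("blob", data)


def make_tree(files: Dict[str, bytes], store: Store) -> str:
    """Store each file as a blob and return the id of the tree that lists them.
    Entries are sorted by name; each holds mode, name, NUL and the raw 20-byte id.
    Flat trees only (no subdirectories), which is enough for the demonstration."""
    body = b""
    for name in sorted(files):
        blob_id = git_blob_hash(files[name])
        store[blob_id] = files[name]
        body += b"100644 " + name.encode() + b"\0" + bytes.fromhex(blob_id)
    tree_id = git_hash("tree", body)
    store[tree_id] = body
    return tree_id


def make_commit(tree_id: str, message: str, store: Store) -> str:
    """Root commit pointing at tree_id; the author/committer line is constructed."""
    ident = "Example Dev <dev@example.invalid> 1314500000 +0000"
    body = f"tree {tree_id}\nauthor {ident}\ncommitter {ident}\n\n{message}\n".encode()
    commit_id = git_hash("commit", body)
    store[commit_id] = body
    return commit_id


def verify_commit(commit_id: str, store: Store) -> bool:
    """Re-hash every object reachable from commit_id and compare with its id,
    the check git fsck performs. Any byte changed after publication fails it."""
    commit = store.get(commit_id)
    if commit is None or git_hash("commit", commit) != commit_id:
        return False
    tree_id = commit.split(b"\n", 1)[0].split(b" ", 1)[1].decode()
    tree = store.get(tree_id)
    if tree is None or git_hash("tree", tree) != tree_id:
        return False
    pos = 0
    while pos < len(tree):
        nul = tree.index(b"\0", pos)          # end of "mode name"
        blob_id = tree[nul + 1:nul + 21].hex()  # raw 20-byte id follows the NUL
        blob = store.get(blob_id)
        if blob is None or git_blob_hash(blob) != blob_id:
            return False
        pos = nul + 21
    return True


def tamper_demo() -> Tuple[bool, bool, bool]:
    """Constructed scenario: developers hold a published commit id; an intruder
    with root on the hosting server tries two things. Returns
    (honest history verifies, in-place edit verifies, forged id == published)."""
    store: Store = {}
    files = {"Makefile": b"VERSION = 3\nPATCHLEVEL = 1\n",
             "main.c": b"int main(void) { return 0; }\n"}
    published = make_commit(make_tree(files, store), "Sample release", store)
    honest_ok = verify_commit(published, store)

    # Move 1: overwrite the blob's bytes on disk but keep its object id.
    backdoor = b"int main(void) { return 1; /* tampered */ }\n"
    store[git_blob_hash(files["main.c"])] = backdoor
    in_place_ok = verify_commit(published, store)  # content no longer matches id

    # Move 2: rebuild a fully self-consistent history around the backdoor.
    forged_store: Store = {}
    forged = make_commit(make_tree({**files, "main.c": backdoor}, forged_store),
                         "Sample release", forged_store)
    # Internally valid, but its id differs from the one developers already hold.
    return honest_ok, in_place_ok, forged == published


if __name__ == "__main__":
    print(tamper_demo())
```

The point the demo makes is that the check is only as strong as the commit id held outside the compromised host: a developer who compares against an id taken from a maintainer's announcement or a signed tag will catch both moves, whereas the server alone cannot vouch for itself. Real Git extends the same chain through each commit's parent pointers and through nested trees, which this flat, single-commit model leaves out.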
