Comment by motohagiography

4 years ago

Organizing an effort, with a written mandate, to knowingly introduce kernel vulnerabilities, through deception, that will spread downstream into other Linux distributions, likely including firmware images, which may not be patched or reverted for months or years - does not warrant a criminal investigation?

The foundation should use recourse to the law to signal they are handling it, if only to prevent these profs from being mobbed.

I think you are misunderstanding what happened. They emailed the patches to the maintainers, and when the maintainers responded "this looks good", they then told them there was a bug in the patch. They never committed a bad patch to the source tree. The problem is they were deceptive in their initial email, not that they actually introduced kernel vulnerabilities. No bad code was ever committed, and they had a written mandate to verify that.

  • No the parent is correct- malicious commits made it into stable.

    https://lore.kernel.org/lkml/78ac6ee8-8e7c-bd4c-a3a7-5a90c7c...

    https://lore.kernel.org/linux-nfs/CADVatmNgU7t-Co84tSS6VW=3N...

    • Both of those reverts suggest those were just non-malicious contributions that the maintainers reverted just in case (and reapplied after review). If that's the proof, then I think you are mistaken. Maybe put another way, if someone says "noptd has bad intentions, so I'm reverting all of noptd's contributions that were committed to stable" the reverts themselves are not proof that malicious commits made it to stable, and that noptd has bad intentions.

    • It doesn't sound like either of those reverts are necessarily for malicious patches. They are reverting all commits from umn.edu addresses regardless of their involvement with this professor.

    • It doesn't matter whether the patches made it in or not. Even the attempt is illegal in some jurisdictions.

  • Except Greg K-H disagrees with the students, stating it did make it to stable.

    I trust Greg over the students.

    • Can you cite a source of Greg saying this? I read this article which is the closest I could find that reports this, https://www.zdnet.com/article/greg-kroah-hartman-bans-univer... which says,

      """Romanovsky reported that he had looked at four accepted patches from Pakki "and 3 of them added various severity security 'holes.'" Sudip Mukherjee, Linux kernel driver and Debian developer, followed up and said "a lot of these have already reached the stable trees." These patches are now being removed."""

      However, if you click the links, you'll see that "have already reached stable trees" is about non-buggy patches, and "3 of them added various [holes]" are not among those. So the articles seem to be intentionally deceiving the reader into thinking those are connected, when they're separate events. I actually feel like the media has been doing this (putting non-related facts together in a way that readers reasonably infer a connection between the two).
