{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,20]],"date-time":"2025-07-20T04:00:47Z","timestamp":1752984047440,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":63,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,4,15]],"date-time":"2024-04-15T00:00:00Z","timestamp":1713139200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["2155213"],"award-info":[{"award-number":["2155213"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,4,15]]},"DOI":"10.1145\/3643991.3644902","type":"proceedings-article","created":{"date-parts":[[2024,7,2]],"date-time":"2024-07-02T13:05:13Z","timestamp":1719925513000},"page":"63-74","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["An Investigation of Patch Porting Practices of the Linux Kernel Ecosystem"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-1445-4993","authenticated-orcid":false,"given":"Xingyu","family":"Li","sequence":"first","affiliation":[{"name":"UC Riverside, Riverside, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-1587-8822","authenticated-orcid":false,"given":"Zheng","family":"Zhang","sequence":"additional","affiliation":[{"name":"UC Riverside, Riverside, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1506-2522","authenticated-orcid":false,"given":"Zhiyun","family":"Qian","sequence":"additional","affiliation":[{"name":"UC Riverside, Riverside, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4964-1170","authenticated-orcid":false,"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[{"name":"UC Riverside, Riverside, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6617-3068","authenticated-orcid":false,"given":"Chengyu","family":"Song","sequence":"additional","affiliation":[{"name":"UC Riverside, 0000-0001-6617-3068, United States of America"}]}],"member":"320","published-online":{"date-parts":[[2024,7,2]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Active kernel releases. https:\/\/www.kernel.org\/category\/releases.html."},{"key":"e_1_3_2_1_2_1","unstructured":"Android Common Kernels. https:\/\/source.android.com\/docs\/core\/architecture\/kernel\/android-common."},{"key":"e_1_3_2_1_3_1","unstructured":"Automating stable-kernel creation. https:\/\/lwn.net\/Articles\/701304\/."},{"key":"e_1_3_2_1_4_1","unstructured":"[Bug]SKL-H boot hang when c8+c9+c10 enabled by intel_idle driver. https:\/\/bugs.launchpad.net\/intel\/+bug\/1559918."},{"key":"e_1_3_2_1_5_1","unstructured":"Common Android Kernel Tree. https:\/\/android.googlesource.com\/kernel\/common\/."},{"key":"e_1_3_2_1_6_1","unstructured":"Community vs. Commercial GNU\/Linux Distributions. https:\/\/www.datamation.com\/open-source\/community-vs-commercial-gnu-linux-distributions\/#:~:text=Community%2Dbased%20distributions%20like%20Debian as%20Windows%20and%20OS%20X."},{"key":"e_1_3_2_1_7_1","unstructured":"Comparing Centos Linux and CentOS Stream. https:\/\/www.centos.org\/cl-vs-cs\/."},{"key":"e_1_3_2_1_8_1","unstructured":"deploying android security updates: an extensive study involving manufacturers carriers and end users."},{"key":"e_1_3_2_1_9_1","unstructured":"Everything you ever wanted to know about linux-stable releases. https:\/\/www.kernel.org\/doc\/html\/latest\/process\/stable-kernel-rules.html."},{"key":"e_1_3_2_1_10_1","unstructured":"Git format scripts when propagating patches to Linux LTS. https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/bwh\/linux-stable-queue.git\/tree\/scripts\/git-format-patch-for-backport."},{"key":"e_1_3_2_1_11_1","unstructured":"in Ubuntu16.10: Hit on Call traces and system goes down when transactional memory tests are running in 32TB Brazos system. https:\/\/bugs.launchpad.net\/ubuntu\/+source\/linux\/+bug\/1606786."},{"key":"e_1_3_2_1_12_1","unstructured":"Introduction of Fedora. https:\/\/distrowatch.com\/table.php?distribution=fedora."},{"key":"e_1_3_2_1_13_1","unstructured":"Is Ubuntu an enterprise Linux distribution? https:\/\/ubuntu.com\/blog\/is-ubuntu-an-enterprise-linux-distribution#:~:text=Yes. publisher%20and%20maintainer%20of%20Ubuntu."},{"key":"e_1_3_2_1_14_1","unstructured":"KernelBugFixing. https:\/\/wiki.ubuntu.com\/Kernel\/Dev\/KernelBugFixing."},{"key":"e_1_3_2_1_15_1","unstructured":"Lessons Learned Maintaining a Stable Tree. http:\/\/events17.linuxfoundation.org\/sites\/events\/files\/slides\/stable.pdf."},{"key":"e_1_3_2_1_16_1","unstructured":"Linux Kernel Stable Tree. https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/stable\/linux.git\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Maintaining stable stability. https:\/\/lwn.net\/Articles\/825536\/."},{"key":"e_1_3_2_1_18_1","unstructured":"OpenPower: Some multipaths temporarily have only a single path. https:\/\/bugs.launchpad.net\/ubuntu\/+source\/linux\/+bug\/1696445."},{"key":"e_1_3_2_1_19_1","unstructured":"Some 5.16 kernel development statistics. https:\/\/lwn.net\/Articles\/880699\/."},{"key":"e_1_3_2_1_20_1","unstructured":"Submitting patches: the essential guide to getting your code into the kernel. https:\/\/docs.kernel.org\/process\/submitting-patches.html."},{"key":"e_1_3_2_1_21_1","unstructured":"Syzbot. https:\/\/syzkaller.appspot.com\/upstream\/fixed."},{"key":"e_1_3_2_1_22_1","unstructured":"The lifecycle of a patch. https:\/\/www.kernel.org\/doc\/html\/v4.14\/process\/2.Process.html#the-lifecycle-of-a-patch."},{"key":"e_1_3_2_1_23_1","unstructured":"The LWN.net Linux Distribution List. https:\/\/lwn.net\/Distributions\/."},{"key":"e_1_3_2_1_24_1","unstructured":"UbuntuKVM guest crashed while running I\/O stress test with Ubuntu kernel 4.4.0-47-generic. https:\/\/bugs.launchpad.net\/ubuntu\/+source\/linux\/+bug\/1659111."},{"key":"e_1_3_2_1_25_1","unstructured":"Xenial update: v4.4.262 upstream stable release. https:\/\/bugs.launchpad.net\/ubuntu\/+source\/linux\/+bug\/1920221."},{"key":"e_1_3_2_1_26_1","first-page":"359","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Alexopoulos N.","year":"2022","unstructured":"N. Alexopoulos, M. Brack, J. P. Wagner, T. Grube, and M. M\u00fchlh\u00e4user. How long do vulnerabilities live in the code? a {Large-Scale} empirical measurement study on {FOSS} vulnerability lifetimes. In 31st USENIX Security Symposium (USENIX Security 22), pages 359--376, 2022."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICROIT.2014.6798341"},{"key":"e_1_3_2_1_28_1","first-page":"1","volume-title":"Determining bug severity using machine learning techniques. In 2012 CSI sixth international conference on software engineering (CONSEG)","author":"Chaturvedi K. K.","year":"2012","unstructured":"K. K. Chaturvedi and V. Singh. Determining bug severity using machine learning techniques. In 2012 CSI sixth international conference on software engineering (CONSEG), pages 1--6. IEEE, 2012."},{"key":"e_1_3_2_1_29_1","volume-title":"Hey google, what exactly do your security patches tell us? a large-scale empirical study on android patched vulnerabilities. arXiv preprint arXiv:1905.09352","author":"Farhang S.","year":"2019","unstructured":"S. Farhang, M. B. Kirdan, A. Laszka, and J. Grossklags. Hey google, what exactly do your security patches tell us? a large-scale empirical study on android patched vulnerabilities. arXiv preprint arXiv:1905.09352, 2019."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1162666.1162671"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/QRS.2018.00047"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380361"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-Companion.2019.00044"},{"key":"e_1_3_2_1_34_1","first-page":"1606","volume-title":"IJCAI","volume":"16","author":"Huo X.","year":"2016","unstructured":"X. Huo, M. Li, Z.-H. Zhou, et al. Learning unified features from natural and programming languages for locating buggy source code. In IJCAI, volume 16, pages 1606--1612, 2016."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417240"},{"key":"e_1_3_2_1_36_1","volume-title":"Where should we fix this bug? a two-phase recommendation model","author":"Kim D.","year":"2013","unstructured":"D. Kim, Y. Tao, S. Kim, and A. Zeller. Where should we fix this bug? a two-phase recommendation model. IEEE transactions on software Engineering, 39(11):1597--1610, 2013."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPC.2017.24"},{"key":"e_1_3_2_1_38_1","unstructured":"S. Levin. Safeguards in the Stable Kernel Process. https:\/\/www.youtube.com\/watch?v=_GLtZg5IjzE."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134072"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSM.2008.4658083"},{"key":"e_1_3_2_1_41_1","unstructured":"Oracle. ELSA-2021-9084 - Unbreakable Enterprise kernel security update. https:\/\/linux.oracle.com\/errata\/ELSA-2021-9084.html."},{"key":"e_1_3_2_1_42_1","first-page":"10","volume-title":"USENIX Security Symposium","volume":"6","author":"Ozment A.","year":"2006","unstructured":"A. Ozment and S. E. Schechter. Milk or wine: does software security improve with age? In USENIX Security Symposium, volume 6, pages 10--5555, 2006."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236065"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2909746"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SEAA.2014.51"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2013.6693093"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227141"},{"key":"e_1_3_2_1_48_1","unstructured":"SLE. Amazon Linux 2. https:\/\/aws.amazon.com\/amazon-linux-2\/?amazon-linux-whats-new.sort-by=item.additionalFields.postDateTime&amazon-linux-whats-new.sort-order=desc."},{"key":"e_1_3_2_1_49_1","unstructured":"SLE. SLE bug tracking example. https:\/\/bugzilla.suse.com\/show_bug.cgi?id=1199665."},{"volume-title":"ICSE'12","author":"Tian Y.","key":"e_1_3_2_1_50_1","unstructured":"Y. Tian, J. Lawall, and D. Lo. Identifying linux bug fixing patches. ICSE'12."},{"key":"e_1_3_2_1_51_1","volume-title":"West Virginia University","author":"Tyo J. P.","year":"2016","unstructured":"J. P. Tyo. Empirical analysis and automated classification of security bug reports. West Virginia University, 2016."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/2597008.2597148"},{"key":"e_1_3_2_1_53_1","first-page":"262","volume-title":"2016 31st IEEE\/ACM International Conference on Automated Software Engineering (ASE)","author":"Wen M.","year":"2016","unstructured":"M. Wen, R. Wu, and S.-C. Cheung. Locus: Locating bugs from software changes. In 2016 31st IEEE\/ACM International Conference on Automated Software Engineering (ASE), pages 262--273. IEEE, 2016."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338906.3338962"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2019.00140"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/IECON.2014.7049035"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24419"},{"key":"e_1_3_2_1_58_1","first-page":"1165","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Xiao Y.","year":"2020","unstructured":"Y. Xiao, B. Chen, C. Yu, Z. Xu, Z. Yuan, F. Li, B. Liu, Y. Liu, W. Huo, W. Zou, and W. Shi. MVP: Detecting vulnerabilities using patch-enhanced vulnerability signatures. In 29th USENIX Security Symposium (USENIX Security 20), pages 1165--1182. USENIX Association, August 2020."},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635874"},{"key":"e_1_3_2_1_60_1","volume-title":"USENIX Security","author":"Zhang H.","year":"2018","unstructured":"H. Zhang and Z. Qian. Precise and accurate patch presence test for binaries. USENIX Security, 2018."},{"key":"e_1_3_2_1_61_1","volume-title":"30th {USENIX} Security Symposium ({USENIX} Security 21)","author":"Zhang Z.","year":"2021","unstructured":"Z. Zhang, H. Zhang, Z. Qian, and B. Lau. An investigation of the android kernel patch ecosystem. In 30th {USENIX} Security Symposium ({USENIX} Security 21), 2021."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227210"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3117771"}],"event":{"name":"MSR '24: 21st International Conference on Mining Software Repositories","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS"],"location":"Lisbon Portugal","acronym":"MSR '24"},"container-title":["Proceedings of the 21st International Conference on Mining Software Repositories"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643991.3644902","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3643991.3644902","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3643991.3644902","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:56:44Z","timestamp":1750291004000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3643991.3644902"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,15]]},"references-count":63,"alternative-id":["10.1145\/3643991.3644902","10.1145\/3643991"],"URL":"https:\/\/doi.org\/10.1145\/3643991.3644902","relation":{},"subject":[],"published":{"date-parts":[[2024,4,15]]},"assertion":[{"value":"2024-07-02","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}