Is there any chance that Linux open source distributions such as Ubuntu would hide malicious code or backdoor or similar thing in their code and simply hide it in their release publication?

Yes, of course

Rule number 0 in security:

Nothing can be secure.

@electrineer you again?

@dIREsTRAITS I heard you're looking for a backdoor

@electrineer didn't know you'd like to knock at someone's backdoor?

It can go unchallenged, given the culture of "letting it slide", yes.

It's happened.

I think.

@dIREsTRAITS yes. But this time he is correct

This can happen with any software at any stage. Sometimes by accident/outsiders trough typosqatting, compromised tool-chain/server.
Generally the very late stage or very early stage injection are harder to detect once in undetected.

Other times it's by bad actors or government demand.

@hjk101

> Other times it's by ( ... ) government demand.

Although it can happen, its extremely rare. 99% of CIV is done by bad actor.

Open source does not guarantee secure source.

The larger the project / community the more observant eyes over changes.

@c3r38r170 how?

Si Amigo

@IntrusionCM 🎶 can you hear me knockin!🎶