I don't find the fear mongering about kernel maintainers credible. First, they are very few, highly trusted individuals. Second, the results of their activity is available for all to see after the fact. You don't need to see a log of every commit to notice a backdoor in source code, and I'm not even sure logs would be much help in that regard... it's all too easy to split such code across multiple commits, all of which look innocuous in isolation. The final output is by far the most important part to have available.
As for security patches... Maybe. That's a weird level of sophistication: Script-kiddie who puts in the effort to set-up major data mining and analysis to get an exploit that might be secret for a couple months. It should be fixable if ever exploited, with private branches of repos containing security-fixes, shared only between senior kernel devs and major distro maintainers.