This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7, and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6, 7, and Red Hat Enterprise MRG 2 may address this issue.
Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and
maintenance life cycle. This has been rated as having Moderate security
impact and is not currently planned to be addressed in future updates. For
additional information, refer to the Red Hat Enterprise Linux Life
CVSS v3 metrics
|CVSS3 Base Score||5.6|
|CVSS3 Base Metrics||CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N|
Red Hat Security Errata
|Red Hat Enterprise Linux 6 (kernel)||RHSA-2018:2164||2018-07-10|
|Red Hat Enterprise Linux 7 (kernel)||RHSA-2018:1852||2018-06-14|
|Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt)||RHSA-2018:2165||2018-07-10|
|Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt)||RHSA-2018:1944||2018-06-19|
Affected Packages State
|Red Hat Enterprise Linux 7||kernel-alt||Not affected|
|Red Hat Enterprise Linux 5||kernel||Affected|
AcknowledgementsRed Hat would like to thank Julian Stecklina (Amazon.de), Thomas Prescher (cyberus-technology.de), and Zdenek Sojka (sysgo.com) for reporting this issue.
RHEL-7 will automatically default to (safe) “eager” floating point register restore on Sandy Bridge and newer Intel processors. AMD processors are not affected. You can mitigate this issue on older processors by booting the kernel with the 'eagerfpu=on' parameter to enable eager FPU restore mode. In this mode FPU state is saved and restored for every task/context switch regardless of whether the current process invokes FPU instructions or not. The parameter does not affect performance negatively, and can be applied with no adverse effects to processors that are not affected.