Red Hat Released Lazy FPU Vulnerability Patch

On June 13, 2018, Intel Corporation issued a security bulletin stating that the Discovery Execution Side Channel Vulnerability, CVE-2018-3665, is a Lazy FPU that can be used to steal sensitive data from the CPU’s math processing unit. Red Hat issued a security bulletin on June 14th, saying that it has released security patches for all affected RHEL 7 series systems and urged the affected system users to upgrade immediately.

The affected systems include:

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Server – Extended Update Support 7.5 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for IBM z Systems 7 s390x
• Red Hat Enterprise Linux for IBM z Systems – Extended Update Support 7.5 s390x
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Power, big endian – Extended Update Support 7.5 ppc64
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64
• Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le
• Red Hat Enterprise Linux for Power, little endian – Extended Update Support 7.5 ppc64le
• Red Hat Virtualization Host 4 x86_64
• Red Hat Enterprise Linux for ARM 64 7 aarch64
• Red Hat Enterprise Linux for Power 9 7 ppc64le
• Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Based on the RHEL 7 series of operating systems – CnetOS Linux 7 release also received a “Lazy FPU” kernel security updates. Therefore all CentOS 7 users recommend upgrading to the kernel-3.10.0-862.3.3.el7.x86_64.rpm kernel version immediately. For more information, check out today’s security bulletin.

In today’s security announcement, Red Hat also thanked Julian Stecklina from Amazon.de, Thomas Prescher at cyberus-technology.de, and Zdenek Sojka from sysgo.com who discovered the vulnerability.