On Tue, 26 Jun 2018, Mike Ely wrote:

> It's been a while since that was released (at least for Centos7) and I'm
> wondering if there's a plan to release this for SL6 as well.

Basically, for RHEL/CentOS/SL 7 there is a simple fix, but for 
RHEL/CentOS/SL 6, Red hat will have to back-port some functionality.

https://access.redhat.com/solutions/3485131 says:
   RHEL-7 Mitigation

     RHEL-7 defaults to (safe) "eager" floating point register restore
     on Sandy Bridge and newer Intel processors, so is not affected.
     AMD processors are not affected.
     You can mitigate this issue on older processors by booting the kernel
     with the eagerfpu=on parameter to enable eager FPU restore mode.
     In this mode FPU state is saved and restored for every task/context
     switch regardless of whether the current process invokes FPU
     instructions or not.
     The parameter does not affect performance negatively,
     and can be applied without adverse effects to processors
     that are not affected.

   RHEL 6 and earlier are impacted by this CVE and do not provide
   the eagerfpu parameter. Red Hat will be releasing updates
   which will change the behavior.

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-3665
currently depends upon six other open bugs, but I don't
have access to see whether they cover RHEL6.

-- 
Andrew C. Aitchison					Cambridge, UK
 			[log in to unmask]