The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
kernel: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker (CVE-2017-13305)
Kernel: FPU state information leakage via lazy FPU restore (CVE-2018-3665)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Julian Stecklina (Amazon.de), Thomas Prescher (cyberus-technology.de), and Zdenek Sojka (sysgo.com) for reporting CVE-2018-3665.
Users of kernel-rt are advised to upgrade to these updated packages, which add this enhancement.
The system must be rebooted for this update to take effect.