It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207, namely did not include commits:] [kvm] kvm: mmu: Do not release the page inside mmu_set_spte() [kvm] KVM: x86: remove now unneeded hugepage gfn adjustment from the original IFU patchset.
Statement: Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/ifu-page-mce
Mitigation: For mitigation related information, please refer to the Red Hat vulnerability article: https://access.redhat.com/security/vulnerabilities/ifu-page-mce .
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:4245 https://access.redhat.com/errata/RHSA-2019:4245
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-19339