diff --git a/Revert-random-fix-crng_ready-test.patch b/Revert-random-fix-crng_ready-test.patch
new file mode 100644
index 000000000..95d972e73
--- /dev/null
+++ b/Revert-random-fix-crng_ready-test.patch
@@ -0,0 +1,66 @@
+From ee203f9d1d02d7c3f1204a057517a632002edb7b Mon Sep 17 00:00:00 2001
+From: Jeremy Cline <jeremy@jcline.org>
+Date: Tue, 1 May 2018 14:32:05 -0400
+Subject: [PATCH] Revert "random: fix crng_ready() test"
+
+This reverts commit cd8d7a5778a4abf76ee8fe8f1bfcf78976029f8d.
+
+This is a short-term solution to rhbz 1572944.
+
+Signed-off-by: Jeremy Cline <jeremy@jcline.org>
+---
+ drivers/char/random.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/drivers/char/random.c b/drivers/char/random.c
+index 38729baed6ee..7670e81bb0b9 100644
+--- a/drivers/char/random.c
++++ b/drivers/char/random.c
+@@ -427,7 +427,7 @@ struct crng_state primary_crng = {
+  * its value (from 0->1->2).
+  */
+ static int crng_init = 0;
+-#define crng_ready() (likely(crng_init > 1))
++#define crng_ready() (likely(crng_init > 0))
+ static int crng_init_cnt = 0;
+ static unsigned long crng_global_init_time = 0;
+ #define CRNG_INIT_CNT_THRESH (2*CHACHA20_KEY_SIZE)
+@@ -798,7 +798,7 @@ static int crng_fast_load(const char *cp, size_t len)
+ 
+ 	if (!spin_trylock_irqsave(&primary_crng.lock, flags))
+ 		return 0;
+-	if (crng_init != 0) {
++	if (crng_ready()) {
+ 		spin_unlock_irqrestore(&primary_crng.lock, flags);
+ 		return 0;
+ 	}
+@@ -905,7 +905,7 @@ static void _extract_crng(struct crng_state *crng,
+ {
+ 	unsigned long v, flags;
+ 
+-	if (crng_ready() &&
++	if (crng_init > 1 &&
+ 	    (time_after(crng_global_init_time, crng->init_time) ||
+ 	     time_after(jiffies, crng->init_time + CRNG_RESEED_INTERVAL)))
+ 		crng_reseed(crng, crng == &primary_crng ? &input_pool : NULL);
+@@ -1190,7 +1190,7 @@ void add_interrupt_randomness(int irq, int irq_flags)
+ 	fast_mix(fast_pool);
+ 	add_interrupt_bench(cycles);
+ 
+-	if (unlikely(crng_init == 0)) {
++	if (!crng_ready()) {
+ 		if ((fast_pool->count >= 64) &&
+ 		    crng_fast_load((char *) fast_pool->pool,
+ 				   sizeof(fast_pool->pool))) {
+@@ -2272,7 +2272,7 @@ void add_hwgenerator_randomness(const char *buffer, size_t count,
+ {
+ 	struct entropy_store *poolp = &input_pool;
+ 
+-	if (unlikely(crng_init == 0)) {
++	if (!crng_ready()) {
+ 		crng_fast_load(buffer, count);
+ 		return;
+ 	}
+-- 
+2.17.0
+
diff --git a/kernel.spec b/kernel.spec
index 62c679fcb..1713a5b09 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -42,7 +42,7 @@ Summary: The Linux kernel
 # For non-released -rc kernels, this will be appended after the rcX and
 # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
 #
-%global baserelease 300
+%global baserelease 301
 %global fedora_build %{baserelease}
 
 # base_sublevel is the kernel version we're starting with and patching
@@ -661,6 +661,9 @@ Patch507: xhci-Fix-Kernel-oops-in-xhci-dbgtty.patch
 # rhbz 1514836
 Patch508: Bluetooth-btusb-autosuspend-XPS-13-9360-fixes.patch
 
+# rhbz 1572944
+Patch509: Revert-random-fix-crng_ready-test.patch
+
 # END OF PATCH DEFINITIONS
 
 %endif
@@ -1910,6 +1913,9 @@ fi
 #
 #
 %changelog
+* Tue May 01 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.6-301
+- Revert the fix for CVE-2018-1108 (rhbz 1572944)
+
 * Mon Apr 30 2018 Jeremy Cline <jeremy@jcline.org> - 4.16.6-300
 - Linux v4.16.6