Please search the linux-kernel archives, you'll find a lot of
discussion about this question.
In short, the best known fix masks the interrupt descriptor table as
read-only. When the processor executes this invalid instruction, it
apparently requires write permissions for the IDT, which in turn
leads to a page fault. The protection fault handler checks whether
it accessed the IDT, then produces SIGILL, otherwise SIGSEGV.
Older versions of the patch completely unmapped this part of the
IDT, causing a page fault for every of the first six faults.
Regards,
Martin