(RHSA-2014:0476) Important: kernel security and bug fix update

Red Hat, RHSA-2014:0476
Published: May 07, 2014
Source: access.redhat.com
EPSS: 0.0004 (Low), percentile 10.1%

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

  • A buffer overflow flaw was found in the way the qeth_snmp_command()
    function in the Linux kernel’s QETH network device driver implementation
    handled SNMP IOCTL requests with an out-of-bounds length. A local,
    unprivileged user could use this flaw to crash the system or, potentially,
    escalate their privileges on the system. (CVE-2013-6381, Important)

  • A flaw was found in the way the Linux kernel’s Adaptec RAID controller
    (aacraid) checked permissions of compat IOCTLs. A local attacker could use
    this flaw to bypass intended security restrictions. (CVE-2013-6383,
    Moderate)
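
The kind of length validation whose absence the first flaw describes, as an added example: a user-space model, not the kernel driver's code and not Red Hat's patch. The buffer sizes, the request struct and the function name are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sizes for this model; not the driver's real constants. */
#define CMD_BUF_SIZE 4096u  /* fixed command buffer the request is staged in */
#define CMD_HDR_SIZE 64u    /* protocol header placed ahead of the payload */

/* Hypothetical request: the caller states how many payload bytes follow. */
struct snmp_req {
    uint32_t req_len;       /* caller-controlled length field */
    const uint8_t *data;    /* caller-supplied payload */
    size_t data_avail;      /* bytes actually readable at data */
};

/* Stage a request behind the header in cmd_buf.
 * Returns the number of bytes used, or -EINVAL if the stated length is
 * out of bounds. Without the first length check, memcpy() would write
 * past the end of cmd_buf for any req_len larger than the space left. */
int stage_snmp_request(uint8_t cmd_buf[CMD_BUF_SIZE], const struct snmp_req *req)
{
    if (req == NULL || req->data == NULL)
        return -EINVAL;
    /* Compare against the space left; adding header + length first could wrap. */
    if (req->req_len > CMD_BUF_SIZE - CMD_HDR_SIZE)
        return -EINVAL;
    /* Do not read more than the caller really provided. */
    if (req->req_len > req->data_avail)
        return -EINVAL;
    memset(cmd_buf, 0, CMD_HDR_SIZE);
    memcpy(cmd_buf + CMD_HDR_SIZE, req->data, req->req_len);
    return (int)(CMD_HDR_SIZE + req->req_len);
}

int main(void)
{
    static uint8_t buf[CMD_BUF_SIZE];
    const uint8_t payload[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed sample */
    struct snmp_req ok  = { sizeof payload, payload, sizeof payload };
    struct snmp_req big = { 0xFFFFFFFFu, payload, sizeof payload };

    printf("in-bounds request:     %d\n", stage_snmp_request(buf, &ok));
    printf("out-of-bounds request: %d\n", stage_snmp_request(buf, &big));
    return 0;
}
```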

This update also fixes the following bug:

  • Running a process in the background on a GFS2 file system could sometimes
    trigger a glock recursion error that resulted in a kernel panic. This
    happened when a readpage operation attempted to take a glock that had
    already been held by another function. To prevent this error, GFS2 now
    verifies whether the glock is already held when performing the readpage
    operation. (BZ#1077789)

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.