(RHSA-2016:0450) Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

• An integer overflow flaw was found in the way the Linux kernel’s Frame
  Buffer device implementation mapped kernel memory to user space via the
  mmap syscall. A local user able to access a frame buffer device file
  (/dev/fb*) could possibly use this flaw to escalate their privileges on the
  system. (CVE-2013-2596, Important)

• It was found that the Xen hypervisor x86 CPU emulator implementation did
  not correctly handle certain instructions with segment overrides,
  potentially resulting in a memory corruption. A malicious guest user could
  use this flaw to read arbitrary data relating to other guests, cause a
  denial of service on the host, or potentially escalate their privileges on
  the host. (CVE-2015-2151, Important)

This update also fixes the following bugs:

• Previously, the CPU power of a CPU group could be zero. As a consequence,
  a kernel panic occurred at “find_busiest_group+570” with do_divide_error.
  The provided patch ensures that the division is only performed if the CPU
  power is not zero, and the aforementioned panic no longer occurs.
  (BZ#1209728)

• Prior to this update, a bug occurred when performing an online resize of
  an ext4 file system which had been previously converted from ext3. As a
  consequence, the kernel crashed. The provided patch fixes online resizing
  for such file systems by limiting the blockgroup search loop for non-extent
  files, and the mentioned kernel crash no longer occurs. (BZ#1301100)

All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.