Updated kernel packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System basescores, which give detailed severity ratings, are available for eachvulnerability from the CVE links in the References section. The kernel packages contain the Linux kernel, the core of any Linuxoperating system.This update fixes the following security issues:* A flaw was found in the way the xen_iret function in the Linux kernelused the DS register. A local, unprivileged userin a 32-bit, para-virtualized Xen hypervisor guest could use this flaw tocrash the guest or, potentially, escalate their privileges. * A flaw was found in the way file permission checks for thequot;/dev/cpu/[x]/msrquot; files were performed in restricted root environments. A local userwith the ability to write to these files could use this flaw to escalatetheir privileges to kernel level, for example, by writing to theSYSENTER_EIP_MSR register. The CVE-2013-0228 issue was discovered by Andrew Jones of Red Hat.This update also fixes several bugs. Documentation for these changes willbe available shortly from the Technical Notes document linked to in theReferences section.Users should upgrade to these updated packages, which contain backportedpatches to correct these issues, and fix the bugs noted in the TechnicalNotes. The system must be rebooted for this update to take effect.