The kernel packages contain the Linux kernel, the core of any Linux operating system.
* A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important)
* It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system. (CVE-2016-1583, Important)
A local attacker could exploit this vulnerability to escalate privileges.
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2016:2124 to address this issue and obtain more information.
Following are links for downloading patches to fix the vulnerabilities: