CVE-2014-4699:
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.
This issue affects CentOS-6 and -7 kernels. An updtream fix has now been applied to the CenOSPlus kernels.
CentOS-6:
kernel-2.6.32-431.20.3.0.1.el6.centos.plus.x86_64.rpm
kernel-2.6.32-431.20.3.0.1.el6.centos.plus.i686.rpm
CentOS-7:
kernel-plus-3.10.0-123.4.2.el7.centos.plus.0.1.x86_64.rpm
1) CentOS 7 install is buggy (GRUB assigne the wrong UUID)
2) So far, no broadcom package is available for Wifi (broadcom-wl-xxxx.rpm) the Fedora package does not install.
Several HP and Dell notebooks use the broadcom chip. And broadcom does not provide anymore a package (the source build+install is overly complex).