CentOS 7 series are based on on the freely distributed sources of the Red Hat Enterprise Linux 7 operating system, which means that it always inherits its newest kernel security updates. This one happens to be an important one, and users are urged to update their systems immediately to kernel-3.10.0-514.10.2.el7. According to upstream RHSA-2017:0386-1 security advisory, the kernel patch resolves a vulnerability (CVE-2016-8630) found in Linux kernel’s KVM (Kernel-based Virtual Machine) implementation, which could occur on 32-bit (x86) platforms when an undefined instruction was emulated, allowing an attacker to crash the host kernel.