Red Hat Security Advisory 2013-0746-01 - An updated rhev-hypervisor6 package that fixes several security issues and various bugs is now available. A flaw was found in the way KVM handled guest time updates when the buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register crossed a page boundary. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges, allowing them to execute arbitrary code at the host kernel level.
e0e7bdb5b0b9301124043a493b224b471c5939586c857ab5a5abc339a3c008e4
Mandriva Linux Security Advisory 2013-116 - Stack-based buffer overflow in libpixman has unspecified impact and attack vectors.
bd668a8e9ffb55c3c93cd9dfa26a45223599069231f7f3238d60a9fe065e1266
Red Hat Security Advisory 2013-0687-01 - Pixman is a pixel manipulation library for the X Window System and Cairo. An integer overflow flaw was discovered in one of pixman's manipulation routines. If a remote attacker could trick an application using pixman into performing a certain manipulation, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using pixman must be restarted for this update to take effect.
a3774347ea45c3c7ae68e1074b90367573297995db1225f26b9651f2ad1564ed