libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
Red Hat Security Advisory 2016-2577-02 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.