Red Hat Security Advisory 2013-0896-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. It was found that QEMU Guest Agent created certain files with world-writable permissions when run in daemon mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used, an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action.
78c09a27924b169fc35495ec7822a2252c1000ec9bf69ee699b081bcde3ba5e1