It has been found that sending crafted RPC command with nparams set to 0 can lead to libvirtd accessing random memory, possibly leading to crash. A remote attacker could use this flaw to crash libvirtd (DoS).
Upstream proposed fix:
https://www.redhat.com/archives/libvir-list/2012-July/msg01650.html
Statement:
The versions of libvirt as shipped with Red Hat Enterprise Linux 5 are not affected.
Future libvirt updates for Red Hat Enterprise Linux 6 may address this flaw.