A race condition was found in the way libvirtd handled keepalive initialization requests when the connection is closed prior to establishing connection credentials.
An attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd, resulting in a denial of service.
Not vulnerable. This issue did not affect the versions of libvirt as shipped with Red Hat Enterprise Linux 5.
CVE Request --
Created libvirt tracking bugs for this issue:
Affects: fedora-all [bug 1054808]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2014:0103 https://rhn.redhat.com/errata/RHSA-2014-0103.html