Common Vulnerabilities and Exposures assigned an identifier CVE-2014-8136 to
the following vulnerability:
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2
functions in qemu/qemu_driver.c in libvirt do not unlock the domain
when an ACL check fails, which allow local users to cause a denial of
service via unspecified vectors.
Upstream commit that addresses this:
Created libvirt tracking bugs for this issue:
Affects: fedora-all [bug 1176179]
See also the upstream announcement:
libvirt-18.104.22.168-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
libvirt-22.214.171.124-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2015:0323 https://rhn.redhat.com/errata/RHSA-2015-0323.html