It was found that Red Hat Enterprise Virtualization Manager did not correctly pass the postzero parameter for deleted volumes after snapshot merging. This resulted in such volumes not being securely deleted as expected. A guest user in a new, raw virtual machine (VM), created in a data domain that has had VMs deleted from it, could use this flaw to read limited data from those deleted VMs, potentially disclosing sensitive information. (CVE-2010-2224)
This issue has been addressed in following products: Red Hat Enterprise Virtualization Manager 2.2 Via RHSA-2010:0478 https://rhn.redhat.com/errata/RHSA-2010-0478.html