It was found that libvirt did not extract the defined disk backing store
format when recursing into disk image backing stores in the security
drivers. This could be possibly exploited by priviledged guest user to
access arbitrary files on the host.
This issue affects libvirt >= 0.7.2.
Not vulnerable. This issue did not affect the version of libvirt as shipped with Red Hat Enterprise Linux 5.
Created libvirt tracking bugs for this issue
Affects: fedora-all [bug 613625]
libvirt-0.8.2-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
libvirt-0.8.2-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.