It was reported [1] that the parameters for the virDomainMigrate*Params RPC calls were not bounds checked, which meant that a malicious client could cause libvirtd to consume arbitrary memory. This issue was introduced in libvirt 1.1.0 and has been corrected in git. [1] http://www.mail-archive.com/libvir-list@redhat.com/msg83332.html Statement: Not vulnerable. This issue did not affect the versions of libvirt as shipped with Red Hat Enterprise Linux 5 and 6 as they did not ship the vulnerable version.