libvirt.so is vulnerable to denial of service (DoS) attacks. The library does not properly initialize a nodemap, leading to an invalid free that can crash the application or cause arbitrary code to be executed.
libvirt.org/news.html
lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
secunia.com/advisories/60895
security.gentoo.org/glsa/glsa-201412-04.xml
www.ubuntu.com/usn/USN-2093-1
bugzilla.redhat.com/show_bug.cgi?id=1048629
github.com/libvirt/libvirt/commit/f9ee91d35510ccbc6fc42cef8864b291b2d220f4
www.redhat.com/archives/libvir-list/2013-December/msg01176.html
www.redhat.com/archives/libvir-list/2013-December/msg01258.html