KVM (Kernel-based Virtual Machine) is a full virtualization solution forLinux on AMD64 and Intel 64 systems. qemu-kvm is the user-space componentfor running virtual machines using KVM.It was found that qemu-kvm did not properly drop supplemental groupprivileges when the root user started guests from the command line("/usr/libexec/qemu-kvm") with the "-runas" option. A qemu-kvm processstarted this way could use this flaw to gain access to files on the hostthat are accessible to the supplementary groups and not accessible to theprimary group. (CVE-2011-2527)Note: This issue only affected qemu-kvm when it was started directly fromthe command line. It did not affect the Red Hat Enterprise Virtualizationplatform or applications that start qemu-kvm via libvirt, such as theVirtual Machine Manager (virt-manager).This update also fixes several bugs and adds various enhancements.Documentation for these bug fixes and enhancements will be availableshortly from the Technical Notes document, linked to in the Referencessection.All users of qemu-kvm are advised to upgrade to these updated packages,which contain backported patches to correct these issues and add theseenhancements. After installing this update, shut down all running virtualmachines. Once all virtual machines have shut down, start them again forthis update to take effect.