The MITRE CVE dictionary describes this issue as:
"The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c."
- Red Hat Enterprise Linux (RHEL) 5
- Red Hat Enterprise Linux (RHEL) 6
Please note that, unlike Red Hat Enterprise Linux 6, where a local unprivileged user could use this flaw to escalate their privileges on the system, on Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6.2 EUS and Red Hat Enterprise Linux 6.3 EUS the impact is limited to a potential information leak only.
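The missing validation described above can be modelled in user space. The following is an added illustration, not the kernel's own code: the `memslot_request` structure, the function names and the `USER_ADDR_MAX` boundary are assumptions chosen for the example. It shows the kind of check that rejects a memory slot whose backing address range reaches into kernel address space, including the case where the address plus the size would wrap around.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values for this illustration (x86-64 style layout). */
#define PAGE_SIZE     4096ULL
#define USER_ADDR_MAX 0x00007ffffffff000ULL /* assumed top of user space */

/* Hypothetical stand-in for a memory slot request from user space. */
struct memslot_request {
    uint64_t guest_phys_addr; /* where the slot appears in the guest */
    uint64_t memory_size;     /* slot length in bytes */
    uint64_t userspace_addr;  /* host virtual address backing the slot */
};

/* True only if [addr, addr + size) lies wholly below USER_ADDR_MAX.
 * Written as a subtraction so addr + size can never wrap around. */
static bool range_is_user(uint64_t addr, uint64_t size)
{
    if (size > USER_ADDR_MAX)
        return false;
    return addr <= USER_ADDR_MAX - size;
}

/* Reject a slot unless it is page aligned and backed by user memory. */
bool memslot_request_ok(const struct memslot_request *r)
{
    if ((r->memory_size | r->guest_phys_addr | r->userspace_addr) & (PAGE_SIZE - 1))
        return false;
    if (r->guest_phys_addr + r->memory_size < r->guest_phys_addr)
        return false; /* guest physical range wraps */
    return range_is_user(r->userspace_addr, r->memory_size);
}

int main(void)
{
    /* Constructed sample requests. */
    struct memslot_request user = { 0, 0x200000, 0x00007f0000000000ULL };
    struct memslot_request kern = { 0, 0x200000, 0xffff880000000000ULL };
    printf("user-backed slot:   %s\n", memslot_request_ok(&user) ? "accept" : "reject");
    printf("kernel-backed slot: %s\n", memslot_request_ok(&kern) ? "accept" : "reject");
    return 0;
}
```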