CVE-2014-0189 (enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_workstation, virt-who)
virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file.