The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.
http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html
https://bugzilla.redhat.com/show_bug.cgi?id=997367
http://secunia.com/advisories/60895
http://security.gentoo.org/glsa/glsa-201412-04.xml