View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2013-2016 low priority: Ubuntu including 6 source packages (kvm, qemu, qemu-kvm, xen-3.1, xen-3.2, xen-3.3), 48 status rows across 8 suites (hardy, lucid, oneiric, precise, quantal, raring, saucy, upstream): DNE 31, not-affected 9, ignored 5, needed 2, released 1.
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.