Debian Linux Security Advisory 2650-2 - The recent security update for libvirt was found to cause a regression. The kvm/qemu processes weren't run as the `kvm` user anymore in order to fix the file/device ownership changes, but the processes where not correctly configured to use the `kvm` group either. When the user would try to run a virtual machine, the process was denied access to the /dev/kvm device node, preventing the virtual machine to run.
ba083b83252d717a51f6b269fc6d80bf4b8fd29504ca0936af5e421e28e0a86e
Debian Linux Security Advisory 2650-1 - Bastian Blank discovered that libvirtd, a daemon for management of virtual machines, network and storage, would change ownership of devices files so they would be owned by user `libvirt-qemu` and group `kvm`, which is a general purpose group not specific to libvirt, allowing unintended write access to those devices and files for the kvm group members.
ad145b3f7eea707861f3e1501dec70729670737266c1ef229e6eeb017f85f9eb