- kvm: rtc_status.dest_map out-of-bounds access (CVE-2013-4587) - kvm: division by zero in apic_get_tmcct() (CVE-2013-6367) - kvm: cross page vapic_addr access (CVE-2013-6368) - kvm: BUG_ON() in apic_cluster_id() (CVE-2013-6376)