14 DAY TRIAL // Canonical has released some details in a security notice about quite a few QEMU vulnerabilities in Ubuntu 15.04, Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS, operating systems.
The QEMU developers have managed to plug another set of vulnerabilities, and the Ubuntu maintainers have been quick to fix the issues by implementing the patches. This is a rather consistent patch, so it would be a good idea to upgrade as soon as possible.
According to the security notice, "Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile."
This is just one of the problems that have been found and fixed. For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct these issues.
The flaw can be fixed if you upgrade your system(s) to the latest packages specific to each distribution. To apply the patch, you can simply run the Update Manager application. In general, a standard system update will make all the necessary changes. A reboot of the system is not necessary, but all QEMU virtual machines need to be rebooted.