QEMU is vulnerable to denial of service. A heap-based buffer overflow occurs in the Slirp networking back-end when reassembling fragmented datagrams. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS or potentially leverage it to execute arbitrary code on the host with privileges of the QEMU process.
www.openwall.com/lists/oss-security/2018/06/07/1
www.securityfocus.com/bid/104400
access.redhat.com/errata/RHSA-2018:2462
access.redhat.com/errata/RHSA-2018:2762
access.redhat.com/errata/RHSA-2018:2822
access.redhat.com/errata/RHSA-2018:2887
access.redhat.com/errata/RHSA-2019:2892
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1586245
lists.debian.org/debian-lts-announce/2019/05/msg00010.html
lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html
seclists.org/bugtraq/2019/May/76
usn.ubuntu.com/3826-1/
www.debian.org/security/2019/dsa-4454
www.zerodayinitiative.com/advisories/ZDI-18-567/