QEMU emulator built with IDE emulation with PCI PIIX3/4 support is vulnerable to a use-after-free flaw. It occurs while unplugging the IDE device in pci_piix3_xen_ide_unplug in a Xen virtualisation setup. A privileged user inside the guest could use this issue to crash the QEMU process, resulting in DoS.

Upstream patch:
---------------
  -> http://git.qemu.org/?p=qemu.git;a=commitdiff;h=6cd387833d05e8ad31829d97e47