Ubuntu Security Notice 1177-1 - Andrew Griffiths discovered that QEMU did not correctly drop privileges when using the 'runas' argument. Under certain circumstances a local attacker could exploit this to escalate privileges.
2db2352dca97c03e93a4de8cf6727155b5bccf0dc86d6436fc53e270444efcdd