View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-9914 low priority: Ubuntu including 2 source packages (qemu, qemu-kvm), 28 status rows across 14 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, precise, trusty, upstream, xenial, yakkety, zesty): DNE 13, released 12, needed 2, ignored 1.
Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.