The Xen project has issued a patch for a nasty Qemu flaw.
XSA-179 addresses two problems that could see guest VMs compromised.
The good news is you need to be running a "stdvga" emulated video card to be susceptible, and that's not the default emulated card.
The default is “cirrus” and it's impervious to this problem. ®