The remote Debian host is missing a security-related update.
Integer overflows in the processing of packets in network cards emulated by QEMU, a fast processor emulator, could result in denial of service. In addition this update backports support to passthrough the new CPU features added in the intel-microcode update shipped in DSA 4273 to x86-based guests.
Upgrade the qemu packages. For the stable distribution (stretch), these problems have been fixed in version 1:2.8+dfsg-6+deb9u5.