A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices.
https://security.netapp.com/advisory/ntap-20210312-0002/
https://security.gentoo.org/glsa/202208-27
https://github.com/qemu/qemu/commit/ebf101955ce8f8d72fba103b5151115a4335de2c