A potential DoS issue was found in the virtio-fs shared file system daemon
(virtiofsd) implementation of the QEMU. Virtiofsd is meant to share a host
file system directory with a guest via virtio-fs device. The said DoS may
occur on the host, if the guest was to open the maximum number of file
descriptors under the shared directory. A guest user/process may use this flaw
to cause DoS issue on the host.
This issue was reported by Yuval Avrahami of Palo Alto Networks.
Landed upstream already: https://git.qemu.org/?p=qemu.git;a=commit;h=8c1d353d107b4fc344e27f2f08ea7fa25de2eea2
@maintainer(s), you may wish to apply other patches relating to virtiofsd too, committed before/after.
Fix is in 5.1.0.
qemu $ git tag --contains=8c1d353d107b4
This issue was resolved and addressed in
GLSA 202011-09 at https://security.gentoo.org/glsa/202011-09
by GLSA coordinator Sam James (sam_c).