An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS). Note: This is disputed as a bug and not a valid security issue by multiple third parties.
https://security.netapp.com/advisory/ntap-20231006-0012/
https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html