A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.
https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html
https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html