Paolo Bonzini discovered that you can issue SCSI ioctls to virtio devices which are passed down to the host.
The very unfortunate part about this is it easily allows guests to read and write parts of host devices that they are not supposed to. For example, if a guest was confined to host device /dev/sda3, it could read or write other partitions or the boot sector on /dev/sda.
In your guest, try this command which reads the host boot sector:
sg_dd if=/dev/vda blk_sgio=1 bs=512 count=1 of=output
Swap the if and of arguments around to exploit the host.
Here’s Paolo’s write-up on LKML.
Here is the libguestfs mitigation patch. The libvirt mitigation patch.
Richard WM Jones 