CVE-2021-43415 - QEMU tasks may gain access to host resources.
The QEMU driver allows arbitrary command line options, but many of these options give access to host resources that operators may not want to expose, such as devices. See https://github.com/hashicorp/nomad/issues/11542 for details.
Users should upgrade to Nomad v1.2.1. Upgrading Nomad will allow configuring the QEMU task driver to restrict the list of arguments allowed to be specified in a task.
1.2.1 Changelog - https://github.com/hashicorp/nomad/blob/v1.2.1/CHANGELOG.md
1.2.1 Binaries - https://releases.hashicorp.com/nomad/1.2.1/
1.1.8 Changelog - https://github.com/hashicorp/nomad/blob/v1.1.8/CHANGELOG.md
1.1.8 Binaries - https://releases.hashicorp.com/nomad/1.1.8/
1.0.14 Changelog - https://github.com/hashicorp/nomad/blob/v1.0.14/CHANGELOG.md
1.0.14 Binaries - https://releases.hashicorp.com/nomad/1.0.14/
The Nomad Team