The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a directory on which "chown" is called recursively by the OpenRC service script.
Gentoo Linux Security Advisory 201711-11 - A vulnerability was discovered in VDE which may allow local users to gain root privileges. Versions less than 2.3.2-r4 are affected.