To qubes-mirage-firewall users: All versions from 0.8.0 to 0.8.3 (included) are vulnerable to potential DoS (100% CPU usage and no network traffic) from malicious client VM and should no longer be used, 0.8.4 fixes the issue and should be used instead.
More details are provided in the initial issue and on MirageOS Security Advisory 03 - remote DoS
To upgrade from an earlier release, simply overwrite the unikernel with the new version and restart the firewall VM.
You can find the latest version on the github release page or on the reproducible builds page at Robur:
Job qubes-firewall
Best