When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration cannot really be security-supported, yet making that explicit was so far missing.
Resources the sharing of which is known to be problematic include, but are not limited to
The precise effects when shared resources are in use are system, device, guest, and resource specific. None of privilege escalation, information leaks, or Denial of Service (DoS) can be ruled out.
All systems making use of PCI pass-through are in principle vulnerable, when any kind of resource is shared. Just to re-iterate, even in the absence of resource sharing caveats apply to passing through of PCI devices to entirely untrusted guests.