Generally kernel level attacks and neighbor performance impacts on the security side.
On the functional side without a kernel per guest you can't allow kernel access for stuff like eBPF, networking, nested virtualization and lots of important features.
theoretically you can get to fairly complete security via containers + a gVisor setup but at the expense of a ton of syscall performance and disabling lots of features (which is a 100% valid approach for many usecases).
I think eBPF is a valid example, because it allows you to program the kernel to some extent. That being said and assuming it's not important to your individual goal, why is a rootless podman container running rootless podman inside the container still not sufficient? Do you really need nested virtualization? What are some of those other important features?