This update for kvm fixes the following security issues:
CVE-2018-12617: qmpguestfile_read had an integer overflow that could have
been exploited by sending a crafted QMP command (including guest-file-read with
a large count value) to the agent via the listening socket causing DoS
(bsc#1098735)
CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented
datagrams (bsc#1096223)
With this release the mitigations for Spectre v4 are moved the the patches from
upstream (CVE-2018-3639, bsc#1092885).