02_kfreebsd.patch
use-fixed-data-path.patch
use-data-path.patch
v2.8.1.diff
doc-don-t-mention-memory-it-is-m.patch
xhci-fix-event-queue-IRQ-handling.patch
xhci-only-free-completed-transfers.patch
char-drop-data-written-to-a-disconnected-pty.patch
linux-user-fix-apt-get-update-on-linux-user-hppa.patch
slirp-make-RA-build-more-flexible.patch
slirp-send-RDNSS-in-RA-only-if-host-has-an-IPv6-DNS.patch
audio-ac97-add-exit-function-CVE-2017-5525.patch
audio-es1370-add-exit-function-CVE-2017-5526.patch
watchdog-6300esb-add-exit-function-CVE-2016-10155.patch
serial-fix-memory-leak-in-serial-exit-CVE-2017-5579.patch
sd-sdhci-check-transfer-mode-register-in-multi-block-CVE-2017-5987.patch
megasas-fix-guest-triggered-memory-leak-CVE-2017-5856.patch
usb-ccid-check-ccid-apdu-length-CVE-2017-5898.patch
xhci-apply-limits-to-loops-CVE-2017-5973.patch
net-imx-limit-buffer-descriptor-count-CVE-2016-7907.patch
virtio-gpu-fix-resource-leak-in-virgl_cmd_resource-CVE-2017-5857.patch
usb-ohci-limit-the-number-of-link-eds-CVE-2017-6505.patch
dma-rc4030-limit-interval-timer-reload-value-CVE-2016-8667.patch
9pfs-fix-file-descriptor-leak-CVE-2017-7377.patch
9pfs-local-set-path-of-export-root-to-dot-CVE-2017-7471.patch
9pfs-xattr-fix-memory-leak-in-v9fs_list_xattr-CVE-2017-8086.patch
9pfs-local-forbid-client-access-to-metadata-CVE-2017-7493.patch
vmw_pvscsi-check-message-ring-page-count-at-init-CVE-2017-8112.patch
scsi-avoid-an-off-by-one-error-in-megasas_mmio_write-CVE-2017-8380.patch
input-limit-kbd-queue-depth-CVE-2017-8379.patch
audio-release-capture-buffers-CVE-2017-8309.patch
net-e1000e-fix-an-infinite-loop-issue-CVE-2017-9310.patch
usb-ohci-fix-error-return-code-in-servicing-iso-td-CVE-2017-9330.patch
ide-core-add-cleanup-function.patch
ide-ahci-call-cleanup-function-in-ahci-unit-CVE-2017-9373.patch
xhci-dont-kick-in-xhci_submit-and-xhci_fire_ctl_transfer.patch
xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch
usb-ehci-fix-memory-leak-in-ehci-CVE-2017-9374.patch
nbd-ignore-SIGPIPE-CVE-2017-10664.patch
nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch
nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch
xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch
slirp-check-len-against-dhcp-options-array-end-CVE-2017-11434.patch
exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch
exec-add-lock-parameter-to-qemu_ram_ptr_length.patch
usb-redir-fix-stack-overflow-in-usbredir_log_data-CVE-2017-10806.patch
ide-do-not-flush-empty-CDROM-drives-CVE-2017-12809.patch
vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch
multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch
multiboot-bss_end_addr-can-be-zero-CVE-2018-7550.patch
slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch
# CVE-2017-5715 (spectre/meltdown) mitigation support
CVE-2017-5715/i386-increase-X86CPUDefinition-model_id-to-49.patch
CVE-2017-5715/i386-add-support-for-SPEC_CTRL-MSR.patch
CVE-2017-5715/i386-add-spec-ctrl-CPUID-bit.patch
CVE-2017-5715/i386-add-FEAT_8000_0008_EBX-CPUID-feature-word.patch
CVE-2017-5715/i386-add-new-IBRS-versions-of-Intel-CPU-models.patch
CVE-2017-5715/s390x-kvm-introduce-branch-prediction-blocking-contr.patch
CVE-2017-5715/s390x-kvm-handle-bpb-feature.patch
vga-check-the-validation-of-memory-addr-when-draw-text-CVE-2018-5683.patch
osdep-fix-ROUND_UP-64-bit-32-bit-CVE-2017-18043.patch
virtio-check-VirtQueue-Vring-object-is-set-CVE-2017-17381.patch
ps2-check-PS2Queue-pointers-in-post_load-routine-CVE-2017-16845.patch
cirrus-fix-oob-access-in-mode4and5-write-functions-CVE-2017-15289.patch
io-monitor-encoutput-buffer-size-from-websocket-GSource-CVE-2017-15268.patch
nbd-server-CVE-2017-15119-Reject-options-larger-than-32M.patch
9pfs-use-g_malloc0-to-allocate-space-for-xattr-CVE-2017-15038.patch
# CVE-2017-15124 (vnc server unbounded memory usage) fixes
CVE-2017-15124/01-ui-remove-sync-parameter-from-vnc_update_client.patch
CVE-2017-15124/02-ui-remove-unreachable-code-in-vnc_update_client.patch
CVE-2017-15124/03-ui-remove-redundant-indentation-in-vnc_client_update.patch
CVE-2017-15124/04-ui-avoid-pointless-VNC-updates-if-framebuffer-isn-t-.patch
CVE-2017-15124/05-ui-track-how-much-decoded-data-we-consumed-when-doin.patch
CVE-2017-15124/06-ui-introduce-enum-to-track-VNC-client-framebuffer-up.patch
CVE-2017-15124/07-ui-correctly-reset-framebuffer-update-state-after-pr.patch
CVE-2017-15124/08-ui-refactor-code-for-determining-if-an-update-should.patch
CVE-2017-15124/09-ui-fix-VNC-client-throttling-when-audio-capture-is-a.patch
CVE-2017-15124/10-ui-fix-VNC-client-throttling-when-forced-update-is-r.patch
CVE-2017-15124/11-ui-place-a-hard-cap-on-VNC-server-output-buffer-size.patch
CVE-2017-15124/12-ui-add-trace-events-related-to-VNC-client-throttling.patch
CVE-2017-15124/13-ui-mix-misleading-comments-return-types-of-VNC-I-O-h.patch
ssbd-support.patch
CVE-2018-10839.patch
CVE-2018-17962.patch
CVE-2018-17963.patch
slirp-correct-size-computation-concatenating-mbuf-CVE-2018-11806.patch
qga-check-bytes-count-read-by-guest-file-read-CVE-2018-12617.patch
usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
rtl8139-fix-possible-out-of-bound-access-CVE-2018-17958.patch
lsi53c895a-check-message-length-value-is-valid-CVE-2018-18849.patch
ppc-pnv-check-size-before-data-buffer-access-CVE-2018-18954.patch
9p-write-lock-path-in-v9fs-co_open2.patch
9p-take-write-lock-on-fid-path-updates-CVE-2018-19364.patch
9p-fix-QEMU-crash-when-renaming-files-CVE-2018-19489.patch
i2c-ddc-fix-oob-read-CVE-2019-3812.patch
slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch
enable-md-clear.patch
qxl-check-release-info-object-CVE-2019-12155.patch
qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch
slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch
slirp-ip_reass-fix-use-after-free-CVE-CVE-2019-15890.patch
device_tree-dont-use-load_image-CVE-2018-20815.patch
tcp_emu-fix-OOB-access-CVE-2020-7039.patch
slirp-use-correct-size-while-emulating-commands-CVE-2020-7039.patch
slirp-use-correct-size-while-emulating-IRC-commands-CVE-2020-7039.patch
