diff -Nru libvirt-1.3.1/debian/changelog libvirt-1.3.1/debian/changelog
--- libvirt-1.3.1/debian/changelog 2019-03-13 12:10:12.000000000 +0000
+++ libvirt-1.3.1/debian/changelog 2019-05-14 19:13:18.000000000 +0000
@@ -1,3 +1,12 @@
+libvirt (1.3.1-1ubuntu10.26) xenial-security; urgency=medium
+
+ * SECURITY UPDATE: Add support for md-clear functionality
+ - debian/patches/md-clear.patch: Define md-clear CPUID bit in
+ src/cpu/cpu_map.xml.
+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+
+ -- Marc Deslauriers Tue, 14 May 2019 15:13:18 -0400
+
 libvirt (1.3.1-1ubuntu10.25) xenial-security; urgency=medium
 
 * SECURITY UPDATE: NULL pointer dereference in qemuAgentGetInterfaces
diff -Nru libvirt-1.3.1/debian/patches/md-clear.patch libvirt-1.3.1/debian/patches/md-clear.patch
--- libvirt-1.3.1/debian/patches/md-clear.patch 1970-01-01 00:00:00.000000000 +0000
+++ libvirt-1.3.1/debian/patches/md-clear.patch 2019-05-14 19:13:27.000000000 +0000
@@ -0,0 +1,42 @@
+Backport of:
+
+From 538d873571d7a682852dc1d70e5f4478f4d64e85 Mon Sep 17 00:00:00 2001
+From: Jiri Denemark
+Date: Fri, 5 Apr 2019 15:11:20 +0200
+Subject: [PATCH] cpu_map: Define md-clear CPUID bit
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+
+The bit is set when microcode provides the mechanism to invoke a flush
+of various exploitable CPU buffers by invoking the VERW instruction.
+
+Signed-off-by: Paolo Bonzini
+Signed-off-by: Jiri Denemark
+Reviewed-by: Daniel P. Berrangé
+---
+ src/cpu_map/x86_features.xml | 3 +++
+ .../x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 2 +-
+ .../x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 1 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 1 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 1 +
+ .../x86_64-cpuid-Xeon-Platinum-8268-guest.xml | 1 +
+ .../x86_64-cpuid-Xeon-Platinum-8268-host.xml | 1 +
+ 7 files changed, 9 insertions(+), 1 deletions(-)
+
+Index: libvirt-1.3.1/src/cpu/cpu_map.xml
+===================================================================
+--- libvirt-1.3.1.orig/src/cpu/cpu_map.xml 2019-05-14 15:12:09.891761528 -0400
++++ libvirt-1.3.1/src/cpu/cpu_map.xml 2019-05-14 15:13:02.328081630 -0400
+@@ -287,6 +287,9 @@
+
+
+
++
++
++
+
+
+
diff -Nru libvirt-1.3.1/debian/patches/series libvirt-1.3.1/debian/patches/series
--- libvirt-1.3.1/debian/patches/series 2019-03-13 12:10:05.000000000 +0000
+++ libvirt-1.3.1/debian/patches/series 2019-05-14 19:12:08.000000000 +0000
@@ -108,3 +108,4 @@
 CVE-2018-3639-1.patch
 CVE-2018-3639-2.patch
 CVE-2019-3840.patch
+md-clear.patch
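Review bot: The header kept in debian/patches/md-clear.patch still carries the upstream diffstat (src/cpu_map/x86_features.xml plus six x86_64-cpuid test data files, "7 files changed"), while the backported hunk only touches src/cpu/cpu_map.xml, and nothing under "Backport of:" records that the cpuid test data updates were left out. I would add one line after "Backport of:", for example `Backport note: only the feature definition is applied, to src/cpu/cpu_map.xml; the upstream test data changes are omitted.` The three added lines of the inner hunk have lost their content in this view, so the definition cannot be checked here; md-clear is expected to be CPUID leaf 7, EDX bit 10, and that is worth confirming against the applied file. Defining the bit only lets libvirt name the feature and pass it through, and per the commit message the bit is set by microcode, so the changelog entry would presumably benefit from saying that hosts still need updated microcode (and likely matching kernel and QEMU packages) and that running guests need a full restart before the flag is visible to them.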