** Patch added: "0001-fw_cfg-Disallow-writes-to-non-writable-firmware-entr.patch" https://bugs.launchpad.net/bugs/786211/+attachment/2137594/+files/0001-fw_cfg-Disallow-writes-to-non-writable-firmware-entr.patch
** Visibility changed to: Public

-- 
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/786211

Title:
  Missing checks for valid, writable, firmware in fw_cfg_write

Status in QEMU:
  New

Bug description:
  The `fw_cfg_write` function in the firmware emulation is missing checks to ensure that the firmware being written is (a) a valid index, and (b) writable. This can lead to a segmentation fault and potentially, in the case of writing to FW_CFG_INVALID, memory corruption, although the attacker has fairly limited control over whether and what corruption is possible.
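As an added illustration of the two checks the report asks for, here is a simplified model of the fw_cfg selector/write path with both checks in place. This is not the attached patch or QEMU's code; the struct layout, the `writable` flag and the `FW_CFG_*` constants are my own reconstruction and should be read as assumptions.

```c
#include <stdint.h>
#include <string.h>
#include <stdbool.h>

/* Assumed selector layout: low bits index the entry table, two high
 * bits carry flags. FW_CFG_INVALID is the key select() falls back to
 * for out-of-range requests. */
#define FW_CFG_WRITE_CHANNEL 0x4000
#define FW_CFG_ARCH_LOCAL    0x8000
#define FW_CFG_ENTRY_MASK    (~(FW_CFG_WRITE_CHANNEL | FW_CFG_ARCH_LOCAL))
#define FW_CFG_MAX_ENTRY     0x20
#define FW_CFG_INVALID       0xffff

typedef struct {
    uint8_t *data;
    uint32_t len;
    bool writable;   /* entry was registered as guest-writable */
} FWCfgEntry;

typedef struct {
    FWCfgEntry entries[2][FW_CFG_MAX_ENTRY];   /* [arch][index] */
    uint16_t cur_entry;
    uint32_t cur_offset;
} FWCfgState;

/* Select an entry; out-of-range keys become FW_CFG_INVALID. */
void fw_cfg_select(FWCfgState *s, uint16_t key)
{
    s->cur_offset = 0;
    s->cur_entry = ((key & FW_CFG_ENTRY_MASK) >= FW_CFG_MAX_ENTRY)
                   ? FW_CFG_INVALID : key;
}

/* Hardened write: returns 1 if the byte was stored, 0 if rejected.
 * The index and writability checks run before entries[][] is touched,
 * so a selector of FW_CFG_INVALID (0xffff & mask = 0x3fff) can no
 * longer index past the 0x20-entry table. */
int fw_cfg_write(FWCfgState *s, uint8_t value)
{
    uint16_t idx = s->cur_entry & FW_CFG_ENTRY_MASK;
    int arch = !!(s->cur_entry & FW_CFG_ARCH_LOCAL);
    FWCfgEntry *e;

    if (s->cur_entry == FW_CFG_INVALID || idx >= FW_CFG_MAX_ENTRY)
        return 0;                          /* (a) not a valid index */
    if (!(s->cur_entry & FW_CFG_WRITE_CHANNEL))
        return 0;                          /* (b) read-only selector */
    e = &s->entries[arch][idx];
    if (!e->writable || e->data == NULL || s->cur_offset >= e->len)
        return 0;                          /* (b) entry not writable / full */
    e->data[s->cur_offset++] = value;
    return 1;
}
```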