Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities by axboe

    CVE-2025-10824 (GCVE-0-2025-10824)

    Vulnerability from nvd – Published: 2025-09-23 00:02 – Updated: 2025-09-23 19:55
    VLAI
    Title
    axboe fio init.c __parse_jobs_ini use after free
    Summary
    A vulnerability was determined in axboe fio up to 3.41. This impacts the function __parse_jobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    axboe fio Affected: 3.0
    Affected: 3.1
    Affected: 3.2
    Affected: 3.3
    Affected: 3.4
    Affected: 3.5
    Affected: 3.6
    Affected: 3.7
    Affected: 3.8
    Affected: 3.9
    Affected: 3.10
    Affected: 3.11
    Affected: 3.12
    Affected: 3.13
    Affected: 3.14
    Affected: 3.15
    Affected: 3.16
    Affected: 3.17
    Affected: 3.18
    Affected: 3.19
    Affected: 3.20
    Affected: 3.21
    Affected: 3.22
    Affected: 3.23
    Affected: 3.24
    Affected: 3.25
    Affected: 3.26
    Affected: 3.27
    Affected: 3.28
    Affected: 3.29
    Affected: 3.30
    Affected: 3.31
    Affected: 3.32
    Affected: 3.33
    Affected: 3.34
    Affected: 3.35
    Affected: 3.36
    Affected: 3.37
    Affected: 3.38
    Affected: 3.39
    Affected: 3.40
    Affected: 3.41
    Create a notification for this product.
    Credits
    ahuo (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10824",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T19:53:53.085584Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T19:55:20.846Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "fio",
              "vendor": "axboe",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0"
                },
                {
                  "status": "affected",
                  "version": "3.1"
                },
                {
                  "status": "affected",
                  "version": "3.2"
                },
                {
                  "status": "affected",
                  "version": "3.3"
                },
                {
                  "status": "affected",
                  "version": "3.4"
                },
                {
                  "status": "affected",
                  "version": "3.5"
                },
                {
                  "status": "affected",
                  "version": "3.6"
                },
                {
                  "status": "affected",
                  "version": "3.7"
                },
                {
                  "status": "affected",
                  "version": "3.8"
                },
                {
                  "status": "affected",
                  "version": "3.9"
                },
                {
                  "status": "affected",
                  "version": "3.10"
                },
                {
                  "status": "affected",
                  "version": "3.11"
                },
                {
                  "status": "affected",
                  "version": "3.12"
                },
                {
                  "status": "affected",
                  "version": "3.13"
                },
                {
                  "status": "affected",
                  "version": "3.14"
                },
                {
                  "status": "affected",
                  "version": "3.15"
                },
                {
                  "status": "affected",
                  "version": "3.16"
                },
                {
                  "status": "affected",
                  "version": "3.17"
                },
                {
                  "status": "affected",
                  "version": "3.18"
                },
                {
                  "status": "affected",
                  "version": "3.19"
                },
                {
                  "status": "affected",
                  "version": "3.20"
                },
                {
                  "status": "affected",
                  "version": "3.21"
                },
                {
                  "status": "affected",
                  "version": "3.22"
                },
                {
                  "status": "affected",
                  "version": "3.23"
                },
                {
                  "status": "affected",
                  "version": "3.24"
                },
                {
                  "status": "affected",
                  "version": "3.25"
                },
                {
                  "status": "affected",
                  "version": "3.26"
                },
                {
                  "status": "affected",
                  "version": "3.27"
                },
                {
                  "status": "affected",
                  "version": "3.28"
                },
                {
                  "status": "affected",
                  "version": "3.29"
                },
                {
                  "status": "affected",
                  "version": "3.30"
                },
                {
                  "status": "affected",
                  "version": "3.31"
                },
                {
                  "status": "affected",
                  "version": "3.32"
                },
                {
                  "status": "affected",
                  "version": "3.33"
                },
                {
                  "status": "affected",
                  "version": "3.34"
                },
                {
                  "status": "affected",
                  "version": "3.35"
                },
                {
                  "status": "affected",
                  "version": "3.36"
                },
                {
                  "status": "affected",
                  "version": "3.37"
                },
                {
                  "status": "affected",
                  "version": "3.38"
                },
                {
                  "status": "affected",
                  "version": "3.39"
                },
                {
                  "status": "affected",
                  "version": "3.40"
                },
                {
                  "status": "affected",
                  "version": "3.41"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ahuo (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in axboe fio up to 3.41. This impacts the function __parse_jobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in axboe fio up to 3.41 entdeckt. Es geht hierbei um die Funktion __parse_jobs_ini der Datei init.c. Durch die Manipulation mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-23T00:02:06.575Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-325181 | axboe fio init.c __parse_jobs_ini use after free",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.325181"
            },
            {
              "name": "VDB-325181 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.325181"
            },
            {
              "name": "Submit #654072 | Jens Axboe Fio 3.41 / master commit 84787ad Use After Free",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.654072"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/axboe/fio/issues/1981"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/user-attachments/files/22266756/poc.zip"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-21T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-09-21T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-09-21T18:10:33.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "axboe fio init.c __parse_jobs_ini use after free"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-10824",
        "datePublished": "2025-09-23T00:02:06.575Z",
        "dateReserved": "2025-09-21T16:05:26.134Z",
        "dateUpdated": "2025-09-23T19:55:20.846Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-10823 (GCVE-0-2025-10823)

    Vulnerability from nvd – Published: 2025-09-22 23:32 – Updated: 2025-09-23 20:06
    VLAI
    Title
    axboe fio options.c str_buffer_pattern_cb null pointer dereference
    Summary
    A vulnerability was found in axboe fio up to 3.41. This affects the function str_buffer_pattern_cb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    axboe fio Affected: 3.0
    Affected: 3.1
    Affected: 3.2
    Affected: 3.3
    Affected: 3.4
    Affected: 3.5
    Affected: 3.6
    Affected: 3.7
    Affected: 3.8
    Affected: 3.9
    Affected: 3.10
    Affected: 3.11
    Affected: 3.12
    Affected: 3.13
    Affected: 3.14
    Affected: 3.15
    Affected: 3.16
    Affected: 3.17
    Affected: 3.18
    Affected: 3.19
    Affected: 3.20
    Affected: 3.21
    Affected: 3.22
    Affected: 3.23
    Affected: 3.24
    Affected: 3.25
    Affected: 3.26
    Affected: 3.27
    Affected: 3.28
    Affected: 3.29
    Affected: 3.30
    Affected: 3.31
    Affected: 3.32
    Affected: 3.33
    Affected: 3.34
    Affected: 3.35
    Affected: 3.36
    Affected: 3.37
    Affected: 3.38
    Affected: 3.39
    Affected: 3.40
    Affected: 3.41
    Create a notification for this product.
    Credits
    ahuo (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10823",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T20:05:47.325369Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T20:06:40.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "fio",
              "vendor": "axboe",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0"
                },
                {
                  "status": "affected",
                  "version": "3.1"
                },
                {
                  "status": "affected",
                  "version": "3.2"
                },
                {
                  "status": "affected",
                  "version": "3.3"
                },
                {
                  "status": "affected",
                  "version": "3.4"
                },
                {
                  "status": "affected",
                  "version": "3.5"
                },
                {
                  "status": "affected",
                  "version": "3.6"
                },
                {
                  "status": "affected",
                  "version": "3.7"
                },
                {
                  "status": "affected",
                  "version": "3.8"
                },
                {
                  "status": "affected",
                  "version": "3.9"
                },
                {
                  "status": "affected",
                  "version": "3.10"
                },
                {
                  "status": "affected",
                  "version": "3.11"
                },
                {
                  "status": "affected",
                  "version": "3.12"
                },
                {
                  "status": "affected",
                  "version": "3.13"
                },
                {
                  "status": "affected",
                  "version": "3.14"
                },
                {
                  "status": "affected",
                  "version": "3.15"
                },
                {
                  "status": "affected",
                  "version": "3.16"
                },
                {
                  "status": "affected",
                  "version": "3.17"
                },
                {
                  "status": "affected",
                  "version": "3.18"
                },
                {
                  "status": "affected",
                  "version": "3.19"
                },
                {
                  "status": "affected",
                  "version": "3.20"
                },
                {
                  "status": "affected",
                  "version": "3.21"
                },
                {
                  "status": "affected",
                  "version": "3.22"
                },
                {
                  "status": "affected",
                  "version": "3.23"
                },
                {
                  "status": "affected",
                  "version": "3.24"
                },
                {
                  "status": "affected",
                  "version": "3.25"
                },
                {
                  "status": "affected",
                  "version": "3.26"
                },
                {
                  "status": "affected",
                  "version": "3.27"
                },
                {
                  "status": "affected",
                  "version": "3.28"
                },
                {
                  "status": "affected",
                  "version": "3.29"
                },
                {
                  "status": "affected",
                  "version": "3.30"
                },
                {
                  "status": "affected",
                  "version": "3.31"
                },
                {
                  "status": "affected",
                  "version": "3.32"
                },
                {
                  "status": "affected",
                  "version": "3.33"
                },
                {
                  "status": "affected",
                  "version": "3.34"
                },
                {
                  "status": "affected",
                  "version": "3.35"
                },
                {
                  "status": "affected",
                  "version": "3.36"
                },
                {
                  "status": "affected",
                  "version": "3.37"
                },
                {
                  "status": "affected",
                  "version": "3.38"
                },
                {
                  "status": "affected",
                  "version": "3.39"
                },
                {
                  "status": "affected",
                  "version": "3.40"
                },
                {
                  "status": "affected",
                  "version": "3.41"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ahuo (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in axboe fio up to 3.41. This affects the function str_buffer_pattern_cb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in axboe fio up to 3.41 gefunden. Es geht um die Funktion str_buffer_pattern_cb der Datei options.c. Mit der Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff erfordert einen lokalen Zugriff. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 1.7,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-22T23:32:10.940Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-325180 | axboe fio options.c str_buffer_pattern_cb null pointer dereference",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.325180"
            },
            {
              "name": "VDB-325180 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.325180"
            },
            {
              "name": "Submit #654069 | Jens Axboe Fio 3.41 / master commit 84787ad NULL Pointer Dereference",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.654069"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/axboe/fio/issues/1982"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/user-attachments/files/22266964/poc.zip"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-21T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-09-21T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-09-21T18:10:31.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "axboe fio options.c str_buffer_pattern_cb null pointer dereference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-10823",
        "datePublished": "2025-09-22T23:32:10.940Z",
        "dateReserved": "2025-09-21T16:05:04.453Z",
        "dateUpdated": "2025-09-23T20:06:40.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-10824 (GCVE-0-2025-10824)

    Vulnerability from cvelistv5 – Published: 2025-09-23 00:02 – Updated: 2025-09-23 19:55
    VLAI
    Title
    axboe fio init.c __parse_jobs_ini use after free
    Summary
    A vulnerability was determined in axboe fio up to 3.41. This impacts the function __parse_jobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    axboe fio Affected: 3.0
    Affected: 3.1
    Affected: 3.2
    Affected: 3.3
    Affected: 3.4
    Affected: 3.5
    Affected: 3.6
    Affected: 3.7
    Affected: 3.8
    Affected: 3.9
    Affected: 3.10
    Affected: 3.11
    Affected: 3.12
    Affected: 3.13
    Affected: 3.14
    Affected: 3.15
    Affected: 3.16
    Affected: 3.17
    Affected: 3.18
    Affected: 3.19
    Affected: 3.20
    Affected: 3.21
    Affected: 3.22
    Affected: 3.23
    Affected: 3.24
    Affected: 3.25
    Affected: 3.26
    Affected: 3.27
    Affected: 3.28
    Affected: 3.29
    Affected: 3.30
    Affected: 3.31
    Affected: 3.32
    Affected: 3.33
    Affected: 3.34
    Affected: 3.35
    Affected: 3.36
    Affected: 3.37
    Affected: 3.38
    Affected: 3.39
    Affected: 3.40
    Affected: 3.41
    Create a notification for this product.
    Credits
    ahuo (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10824",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T19:53:53.085584Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T19:55:20.846Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "fio",
              "vendor": "axboe",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0"
                },
                {
                  "status": "affected",
                  "version": "3.1"
                },
                {
                  "status": "affected",
                  "version": "3.2"
                },
                {
                  "status": "affected",
                  "version": "3.3"
                },
                {
                  "status": "affected",
                  "version": "3.4"
                },
                {
                  "status": "affected",
                  "version": "3.5"
                },
                {
                  "status": "affected",
                  "version": "3.6"
                },
                {
                  "status": "affected",
                  "version": "3.7"
                },
                {
                  "status": "affected",
                  "version": "3.8"
                },
                {
                  "status": "affected",
                  "version": "3.9"
                },
                {
                  "status": "affected",
                  "version": "3.10"
                },
                {
                  "status": "affected",
                  "version": "3.11"
                },
                {
                  "status": "affected",
                  "version": "3.12"
                },
                {
                  "status": "affected",
                  "version": "3.13"
                },
                {
                  "status": "affected",
                  "version": "3.14"
                },
                {
                  "status": "affected",
                  "version": "3.15"
                },
                {
                  "status": "affected",
                  "version": "3.16"
                },
                {
                  "status": "affected",
                  "version": "3.17"
                },
                {
                  "status": "affected",
                  "version": "3.18"
                },
                {
                  "status": "affected",
                  "version": "3.19"
                },
                {
                  "status": "affected",
                  "version": "3.20"
                },
                {
                  "status": "affected",
                  "version": "3.21"
                },
                {
                  "status": "affected",
                  "version": "3.22"
                },
                {
                  "status": "affected",
                  "version": "3.23"
                },
                {
                  "status": "affected",
                  "version": "3.24"
                },
                {
                  "status": "affected",
                  "version": "3.25"
                },
                {
                  "status": "affected",
                  "version": "3.26"
                },
                {
                  "status": "affected",
                  "version": "3.27"
                },
                {
                  "status": "affected",
                  "version": "3.28"
                },
                {
                  "status": "affected",
                  "version": "3.29"
                },
                {
                  "status": "affected",
                  "version": "3.30"
                },
                {
                  "status": "affected",
                  "version": "3.31"
                },
                {
                  "status": "affected",
                  "version": "3.32"
                },
                {
                  "status": "affected",
                  "version": "3.33"
                },
                {
                  "status": "affected",
                  "version": "3.34"
                },
                {
                  "status": "affected",
                  "version": "3.35"
                },
                {
                  "status": "affected",
                  "version": "3.36"
                },
                {
                  "status": "affected",
                  "version": "3.37"
                },
                {
                  "status": "affected",
                  "version": "3.38"
                },
                {
                  "status": "affected",
                  "version": "3.39"
                },
                {
                  "status": "affected",
                  "version": "3.40"
                },
                {
                  "status": "affected",
                  "version": "3.41"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ahuo (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in axboe fio up to 3.41. This impacts the function __parse_jobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in axboe fio up to 3.41 entdeckt. Es geht hierbei um die Funktion __parse_jobs_ini der Datei init.c. Durch die Manipulation mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-23T00:02:06.575Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-325181 | axboe fio init.c __parse_jobs_ini use after free",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.325181"
            },
            {
              "name": "VDB-325181 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.325181"
            },
            {
              "name": "Submit #654072 | Jens Axboe Fio 3.41 / master commit 84787ad Use After Free",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.654072"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/axboe/fio/issues/1981"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/user-attachments/files/22266756/poc.zip"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-21T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-09-21T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-09-21T18:10:33.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "axboe fio init.c __parse_jobs_ini use after free"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-10824",
        "datePublished": "2025-09-23T00:02:06.575Z",
        "dateReserved": "2025-09-21T16:05:26.134Z",
        "dateUpdated": "2025-09-23T19:55:20.846Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-10823 (GCVE-0-2025-10823)

    Vulnerability from cvelistv5 – Published: 2025-09-22 23:32 – Updated: 2025-09-23 20:06
    VLAI
    Title
    axboe fio options.c str_buffer_pattern_cb null pointer dereference
    Summary
    A vulnerability was found in axboe fio up to 3.41. This affects the function str_buffer_pattern_cb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    axboe fio Affected: 3.0
    Affected: 3.1
    Affected: 3.2
    Affected: 3.3
    Affected: 3.4
    Affected: 3.5
    Affected: 3.6
    Affected: 3.7
    Affected: 3.8
    Affected: 3.9
    Affected: 3.10
    Affected: 3.11
    Affected: 3.12
    Affected: 3.13
    Affected: 3.14
    Affected: 3.15
    Affected: 3.16
    Affected: 3.17
    Affected: 3.18
    Affected: 3.19
    Affected: 3.20
    Affected: 3.21
    Affected: 3.22
    Affected: 3.23
    Affected: 3.24
    Affected: 3.25
    Affected: 3.26
    Affected: 3.27
    Affected: 3.28
    Affected: 3.29
    Affected: 3.30
    Affected: 3.31
    Affected: 3.32
    Affected: 3.33
    Affected: 3.34
    Affected: 3.35
    Affected: 3.36
    Affected: 3.37
    Affected: 3.38
    Affected: 3.39
    Affected: 3.40
    Affected: 3.41
    Create a notification for this product.
    Credits
    ahuo (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-10823",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-23T20:05:47.325369Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-23T20:06:40.394Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "fio",
              "vendor": "axboe",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0"
                },
                {
                  "status": "affected",
                  "version": "3.1"
                },
                {
                  "status": "affected",
                  "version": "3.2"
                },
                {
                  "status": "affected",
                  "version": "3.3"
                },
                {
                  "status": "affected",
                  "version": "3.4"
                },
                {
                  "status": "affected",
                  "version": "3.5"
                },
                {
                  "status": "affected",
                  "version": "3.6"
                },
                {
                  "status": "affected",
                  "version": "3.7"
                },
                {
                  "status": "affected",
                  "version": "3.8"
                },
                {
                  "status": "affected",
                  "version": "3.9"
                },
                {
                  "status": "affected",
                  "version": "3.10"
                },
                {
                  "status": "affected",
                  "version": "3.11"
                },
                {
                  "status": "affected",
                  "version": "3.12"
                },
                {
                  "status": "affected",
                  "version": "3.13"
                },
                {
                  "status": "affected",
                  "version": "3.14"
                },
                {
                  "status": "affected",
                  "version": "3.15"
                },
                {
                  "status": "affected",
                  "version": "3.16"
                },
                {
                  "status": "affected",
                  "version": "3.17"
                },
                {
                  "status": "affected",
                  "version": "3.18"
                },
                {
                  "status": "affected",
                  "version": "3.19"
                },
                {
                  "status": "affected",
                  "version": "3.20"
                },
                {
                  "status": "affected",
                  "version": "3.21"
                },
                {
                  "status": "affected",
                  "version": "3.22"
                },
                {
                  "status": "affected",
                  "version": "3.23"
                },
                {
                  "status": "affected",
                  "version": "3.24"
                },
                {
                  "status": "affected",
                  "version": "3.25"
                },
                {
                  "status": "affected",
                  "version": "3.26"
                },
                {
                  "status": "affected",
                  "version": "3.27"
                },
                {
                  "status": "affected",
                  "version": "3.28"
                },
                {
                  "status": "affected",
                  "version": "3.29"
                },
                {
                  "status": "affected",
                  "version": "3.30"
                },
                {
                  "status": "affected",
                  "version": "3.31"
                },
                {
                  "status": "affected",
                  "version": "3.32"
                },
                {
                  "status": "affected",
                  "version": "3.33"
                },
                {
                  "status": "affected",
                  "version": "3.34"
                },
                {
                  "status": "affected",
                  "version": "3.35"
                },
                {
                  "status": "affected",
                  "version": "3.36"
                },
                {
                  "status": "affected",
                  "version": "3.37"
                },
                {
                  "status": "affected",
                  "version": "3.38"
                },
                {
                  "status": "affected",
                  "version": "3.39"
                },
                {
                  "status": "affected",
                  "version": "3.40"
                },
                {
                  "status": "affected",
                  "version": "3.41"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ahuo (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in axboe fio up to 3.41. This affects the function str_buffer_pattern_cb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in axboe fio up to 3.41 gefunden. Es geht um die Funktion str_buffer_pattern_cb der Datei options.c. Mit der Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff erfordert einen lokalen Zugriff. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 1.7,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-22T23:32:10.940Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-325180 | axboe fio options.c str_buffer_pattern_cb null pointer dereference",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.325180"
            },
            {
              "name": "VDB-325180 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.325180"
            },
            {
              "name": "Submit #654069 | Jens Axboe Fio 3.41 / master commit 84787ad NULL Pointer Dereference",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.654069"
            },
            {
              "tags": [
                "issue-tracking"
              ],
              "url": "https://github.com/axboe/fio/issues/1982"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/user-attachments/files/22266964/poc.zip"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-09-21T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-09-21T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-09-21T18:10:31.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "axboe fio options.c str_buffer_pattern_cb null pointer dereference"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-10823",
        "datePublished": "2025-09-22T23:32:10.940Z",
        "dateReserved": "2025-09-21T16:05:04.453Z",
        "dateUpdated": "2025-09-23T20:06:40.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }