CVE-2025-10824
BaseFortify
Publication date: 2025-09-23
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| axboe | fio | 3.41 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a heap use-after-free bug in the fio tool, specifically in the __parse_jobs_ini function. During job option parsing, an array of options (opts) is dynamically allocated and then freed, but the freed pointer is still used later in the code when sorting options with qsort. This causes the program to access memory that has already been freed, leading to potential crashes or undefined behavior. The issue arises because the comparator function opt_cmp dereferences entries from the freed opts array during sorting. [1]
How can this vulnerability impact me? :
This vulnerability can cause the fio program to crash due to use-after-free memory access. Additionally, because it involves accessing freed memory, it may lead to undefined behavior or potentially be exploited by an attacker who can run code locally. The attack requires local access and a specially crafted input file to trigger the issue. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by running the fio tool with a specially crafted input file that triggers the use-after-free during option parsing. Specifically, you can use the command `./fio --parse-only poc` where 'poc' is a proof-of-concept file designed to reproduce the crash. Additionally, running fio under AddressSanitizer (ASan) or UndefinedBehaviorSanitizer (UBSan) can help detect the heap use-after-free condition. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding running untrusted or crafted fio job files locally, as the attack requires local execution. Applying any available patches or updates to fio that fix the use-after-free in __parse_jobs_ini is recommended. If no patch is available yet, consider restricting access to the fio tool or running it in a restricted environment to limit potential exploitation. [1]