CVE-2025-10824

Summary

A vulnerability was determined in axboe fio up to 3.41. This impacts the function __parse_jobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized.

Affected Software

VendorProductVersion RangeStatus
axboefio3.0affected
axboefio3.1affected
axboefio3.2affected
axboefio3.3affected
axboefio3.4affected
axboefio3.5affected
axboefio3.6affected
axboefio3.7affected
axboefio3.8affected
axboefio3.9affected
axboefio3.10affected
axboefio3.11affected
axboefio3.12affected
axboefio3.13affected
axboefio3.14affected
axboefio3.15affected
axboefio3.16affected
axboefio3.17affected
axboefio3.18affected
axboefio3.19affected
axboefio3.20affected
axboefio3.21affected
axboefio3.22affected
axboefio3.23affected
axboefio3.24affected
axboefio3.25affected
axboefio3.26affected
axboefio3.27affected
axboefio3.28affected
axboefio3.29affected
axboefio3.30affected
axboefio3.31affected
axboefio3.32affected
axboefio3.33affected
axboefio3.34affected
axboefio3.35affected
axboefio3.36affected
axboefio3.37affected
axboefio3.38affected
axboefio3.39affected
axboefio3.40affected
axboefio3.41affected

Weaknesses

  • CWE-416: Use After Free
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References