CVE-2025-10824

5.3 MEDIUM

📋 TL;DR

A use-after-free vulnerability in axboe fio's __parse_jobs_ini function allows local attackers to potentially execute arbitrary code or cause denial of service. This affects systems running fio versions up to 3.41. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • axboe fio
Versions: up to and including 3.41
Operating Systems: Linux, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where fio is installed and accessible to local users

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation leading to full system compromise or persistent backdoor installation

🟠 Likely Case: Denial of service causing fio to crash or local user gaining elevated privileges

🟢 If Mitigated: Limited impact due to proper access controls and isolation of fio processes

🌐 Internet-Facing: LOW - Requires local access, cannot be exploited remotely
🏢 Internal Only: MEDIUM - Local users could exploit this for privilege escalation or DoS

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Proof of concept available in GitHub references, requires local access and knowledge of fio usage

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.42 or later

Vendor Advisory: https://github.com/axboe/fio/issues/1981

Restart Required: No

Instructions:

  1. Check current fio version with 'fio --version'.
  2. If version is 3.41 or earlier, upgrade to 3.42+.
  3. For package managers: 'apt update && apt upgrade fio' or 'yum update fio'.
  4. For source: download latest from GitHub and compile.

🔧 Temporary Workarounds

Restrict fio access

Limit which users can execute the fio binary to reduce attack surface (trusted_users below stands for whichever group should keep access):

chmod 750 /usr/bin/fio
setfacl -m u:root:rwx /usr/bin/fio
setfacl -m g:trusted_users:rx /usr/bin/fio

🧯 If You Can't Patch

  • Implement strict access controls to limit which users can run fio
  • Run fio in isolated containers or VMs with minimal privileges

🔍 How to Verify

Check if Vulnerable:

Run 'fio --version' and check if output shows 3.41 or earlier

Check Version:

fio --version

Verify Fix Applied:

After patching, run 'fio --version' and confirm version is 3.42 or later
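The version check above, as an added script that is not part of this advisory or of the fio project: it parses a 'fio --version' string (release builds print "fio-3.41", git builds print e.g. "fio-3.41-12-gabcdef1") and classifies it against the 3.42 fix version; the "fio-3.41" fallback string is a constructed sample used when fio is not installed.

```shell
#!/bin/sh
# Added example, not part of the advisory or of the fio project: classify a
# `fio --version` string against the 3.42 fix version for CVE-2025-10824.

FIXED_MAJOR=3
FIXED_MINOR=42

# Print the MAJOR.MINOR part of a fio version string, or nothing if the
# input does not look like fio output.
fio_version_number() {
    printf '%s\n' "$1" | sed -n 's/^fio-\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Print "vulnerable" for versions up to and including 3.41, "fixed" for 3.42
# and later, and "unknown" when the string cannot be parsed (check manually).
fio_status() {
    ver=$(fio_version_number "$1")
    if [ -z "$ver" ]; then
        echo unknown
        return 0
    fi
    major=${ver%%.*}
    minor=${ver#*.}
    if [ "$major" -lt "$FIXED_MAJOR" ] ||
       { [ "$major" -eq "$FIXED_MAJOR" ] && [ "$minor" -lt "$FIXED_MINOR" ]; }; then
        echo vulnerable
    else
        echo fixed
    fi
}

# Check the installed binary when present; otherwise fall back to a
# constructed sample string so the script still runs on a host without fio.
if command -v fio >/dev/null 2>&1; then
    sample=$(fio --version)
else
    sample="fio-3.41"   # constructed sample, not captured from a real host
fi
printf '%s -> %s\n' "$sample" "$(fio_status "$sample")"
```

A distribution package may carry the fix as a backport under an older version number, so treat "vulnerable" from this check as a prompt to confirm against the distribution's advisory rather than as a final verdict.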

📡 Detection & Monitoring

Log Indicators:

  • Segmentation faults in fio processes
  • Unexpected fio crashes with memory errors
  • Abnormal fio process termination

Network Indicators:

  • None - local exploit only

SIEM Query:

process.name:"fio" AND (event.action:"segmentation_fault" OR event.outcome:"failure")
