DEBIAN-CVE-2025-10824

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2025-10824

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-10824.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-10824

Upstream

CVE-2025-10824

Published

2025-09-23T01:15:36.197Z

Modified

2025-12-14T10:13:23.412087Z

Severity

1.9 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

A vulnerability was determined in axboe fio up to 3.41. This impacts the function _parsejobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized.

References

https://security-tracker.debian.org/tracker/CVE-2025-10824

Affected packages

Debian:11 / fio

Package

Name: fio
Purl: pkg:deb/debian/fio?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.25-2

3.28-1

3.30-1

3.32-1

3.32-2

3.33-1

3.33-2

3.33-3

3.35-1

3.35-2

3.35-3

3.35-4

3.36-1

3.37-1

3.38-1

3.39-1

3.41-1

3.41-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-10824.json"

Debian:12 / fio

Package

Name: fio
Purl: pkg:deb/debian/fio?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.33-3

3.35-1

3.35-2

3.35-3

3.35-4

3.36-1

3.37-1

3.38-1

3.39-1

3.41-1

3.41-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-10824.json"

Debian:13 / fio

Package

Name: fio
Purl: pkg:deb/debian/fio?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.39-1

3.41-1

3.41-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-10824.json"

Debian:14 / fio

Package

Name: fio
Purl: pkg:deb/debian/fio?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.39-1

3.41-1

3.41-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-10824.json"