CVE-2026-30656

Published: Apr 16, 2026 Last Modified: Apr 16, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: none

Availability: high

Description

AI Translation Available

A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing job files containing the fdp_pli option. The callback function str_fdp_pli_cb() does not validate the input pointer and calls strdup() on a NULL value when the option is specified without an argument. This results in a segmentation fault and process crash.

476

NULL Pointer Dereference

Stable

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality

Potential Impacts:

Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands Read Memory Modify Memory

Applicable Platforms

Languages: C, C#, C++, Go, Java

Likelihood of Exploit: Medium

View CWE Details

https://gist.github.com/Criticayon/eb5e69163bfa4ce684e62ed5…

https://gist.github.com/Criticayon/eb5e69163bfa4ce684e62ed5c939b76e

https://github.com/axboe/fio/issues/2055

CVE-2026-30656

Description

NULL Pointer Dereference

Common Consequences

Applicable Platforms

Iscriviti alla newsletter