CVE-2026-30656

Name of the Vulnerable Software and Affected Versions fio (Flexible I/O Tester) version 3.41

Description A NULL pointer dereference occurs when parsing job files containing the 'fdp pli' option. The callback function str fdp pli cb() fails to validate the input pointer and calls strdup() on a NULL value when the option is provided without an argument, leading to a segmentation fault and process crash.

Recommendations As a temporary workaround, avoid using the 'fdp pli' option in job files until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.