new file mode 100644
@@ -0,0 +1,37 @@
+From 6a39dfaffdb8a6c2080eec0dc7fb1ee532d54025 Mon Sep 17 00:00:00 2001
+From: Jens Axboe <axboe@kernel.dk>
+Date: Tue, 23 Sep 2025 11:50:46 -0600
+Subject: [PATCH] options: check for NULL input string and fail
+
+Waste of time busy work.
+
+Link: https://github.com/axboe/fio/issues/1982
+
+CVE: CVE-2025-10823
+
+Upstream-Status: Backport
+https://github.com/axboe/fio/commit/6a39dfaffdb8a6c2080eec0dc7fb1ee532d54025
+
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Saravanan <saravanan.kadambathursubramaniyam@windriver.com>
+---
+ options.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/options.c b/options.c
+index e06d9b66..533d7145 100644
+--- a/options.c
++++ b/options.c
+@@ -1487,6 +1487,9 @@ static int str_buffer_pattern_cb(void *data, const char *input)
+ struct thread_data *td = cb_data_to_td(data);
+ int ret;
+
++ if (!input)
++ return 1;
++
+ /* FIXME: for now buffer pattern does not support formats */
+ ret = parse_and_fill_pattern(input, strlen(input), td->o.buffer_pattern,
+ MAX_PATTERN_SIZE, NULL, NULL, NULL);
+--
+2.35.5
+
@@ -26,6 +26,8 @@ SRCREV = "a3e48f483db27d20e02cbd81e3a8f18c6c5c50f5"
SRC_URI = "git://git.kernel.dk/fio.git;branch=master \
"
+SRC_URI += "file://CVE-2025-10823.patch"
+
S = "${WORKDIR}/git"
# avoids build breaks when using no-static-libs.inc
Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-10823 https://github.com/axboe/fio/issues/1982 Upstream-patch: https://github.com/axboe/fio/commit/6a39dfaffdb8a6c2080eec0dc7fb1ee532d54025 Signed-off-by: Saravanan <saravanan.kadambathursubramaniyam@windriver.com> --- .../fio/fio/CVE-2025-10823.patch | 37 +++++++++++++++++++ meta-oe/recipes-benchmark/fio/fio_3.30.bb | 2 + 2 files changed, 39 insertions(+) create mode 100644 meta-oe/recipes-benchmark/fio/fio/CVE-2025-10823.patch