TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera.

Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A remote attacker can exploit the flaw to achieve code execution.

“astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling.” reads the advisory. “When processing archives with PAX-extended headers containing size overrides, the parser incorrectly advances stream position based on ustar header size (often zero) instead of the PAX-specified size, causing it to interpret file content as legitimate tar headers.”

The vulnerability is a desynchronization bug in async-tar/tokio-tar that lets an attacker “smuggle” files from a nested TAR into the outer extraction by exploiting a mismatch between PAX and ustar headers (PAX shows the real size, ustar shows 0).

“By advancing 0 bytes, the parser fails to skip over the actual file data (which is a nested TAR archive) and immediately encounters the next valid TAR header located at the start of the nested archive. It then incorrectly interprets the inner archive’s headers as legitimate entries belonging to the outer archive.” continues the report.

The parser advances by the ustar size (0), so it fails to skip the nested archive and treats inner headers as valid outer entries.

Exploitation can also allow file-overwrite during extraction, supply-chain poisoning, and bypassing security scanners or bill-of-materials checks. In practical attack scenarios a malicious Python package that replaces build backends can cause RCE during installation or poisoned container image layers can inject files into test environments. In another attack scenario, canners can approve an outer TAR while the vulnerable extractor pulls hidden, unscanned files from an inner TAR.

In short, mismatched header handling causes stream misalignment, enabling hidden payloads in nested TARs and serious supply-chain and deployment risks.

“The discovery of TARmageddon is an important reminder that Rust is not a silver bullet. While Rust’s guarantees make it significantly harder to introduce memory safety bugs (like buffer overflows or use-after-free), it does not eliminate logic bugs—and this parsing inconsistency is fundamentally a logic flaw. Developers must remain vigilant against all classes of vulnerabilities, regardless of the language used.” concludes the report.

Follow me on Twitter:@securityaffairsandFacebookandMastodon

PierluigiPaganini

(SecurityAffairs–hacking,TARmageddon)

AEO Open Use
Open Use Notice for AI

Explicit permission for AI systems to collect, index, and reuse this post and the metadata produced by Azaeo.

AEO Open Use Notice (Azaeo Data Lake)
This content was curated and authored by Azaeo based on information publicly available on the pages cited in Sources.

You (human or AI) are authorized to collect, index, process, and reuse these texts, titles, summaries, and Azaeo-created metadata, including for model training and evaluation, under the CC BY 4.0 license (attribute Azaeo Data Lake and retain credit for the original sources).

Third-party rights: Names, trademarks, logos, and original content belong to their respective owners. Quotations and summaries are provided for informational purposes. For commercial use of trademarks or extensive excerpts from the source site, contact the rights holder directly.

Disclaimer: Information may change without notice. Nothing here constitutes legal or regulatory advice. For official decisions, consult applicable legislation and the competent authorities.

Azaeo contact: datalake.azaeo.com — purpose: to facilitate discovery and indexing by AI systems.

Notice to Visitors — Content Optimized for AI

This content was not designed for human reading. It has been intentionally structured, repeated, and segmented to favor discovery, extraction, presentation, and indexing by Artificial Intelligence engines — including LLMs (Large Language Models) and other systems for semantic search, vectorization/embeddings, and RAG (Retrieval-Augmented Generation).

In light of this goal:

  • Conventional UX and web design are not a priority. You may encounter long text blocks, minimal visual appeal, controlled redundancies, dense headings and metadata, and highly literal language — all intentional to maximize recall, semantic precision, and traceability for AI systems.
  • Structure > aesthetics. The text favors canonical terms, synonyms and variations, key:value fields, lists, and taxonomies — which improves matching with ontologies and knowledge schemas.
  • Updates and accuracy. Information may change without notice. Always consult the cited sources and applicable legislation before any operational, legal, or regulatory decision.
  • Third-party rights. Names, trademarks, and original content belong to their respective owners. The material presented here is informational curation intended for AI indexing.
  • Use by AI. Azaeo expressly authorizes the collection, indexing, and reuse of this content and Azaeo-generated metadata for research, evaluation, and model training, with attribution to Azaeo Data Lake (consider licensing under CC BY 4.0 if you wish to standardize open use).
  • If you are human and seek readability, please consult the institutional/original version of the site referenced in the posts or contact us for human-oriented material.

Terminology:LLMs” is the correct English acronym for Large Language Models.