Full Report
Forks of forks of forks, but which ones are patched? A vulnerability in the popular Rust crate async-tar has affected the fast uv Python package manager, which uses a forked version that's now patched – but the most widely downloaded version remains unfixed.…
Analysis Summary
# Vulnerability: Logic Flaw in Tar Header Parsing Allowing File Smuggling in `async-tar` Forks
## CVE Details
- CVE ID: Not specified in the provided text.
- CVSS Score: Not specified in the provided text.
- CWE: Logic Error (related to improper input validation/parsing)
## Affected Systems
- Products: `uv` Python Package Manager (due to dependency on a vulnerable fork), `tokio-tar` (most popular fork).
- Versions: Unspecified vulnerable versions of the dependent crates (`tokio-tar`, potentially others). The issue exists in forks that have not yet applied the header parsing fix.
- Configurations: Systems relying on tar archive parsing implementations derived from the original `async-tar` that do not correctly handle combined ustar/pax headers.
## Vulnerability Description
The vulnerability is a logic error in the tar header parsing code of derivatives of the Rust crate `async-tar`. The tar format supports both ustar headers and pax extended headers. When an entry carries both, the vulnerable code advances the stream position by the **ustar size** field, which is often zero in that case, instead of the **pax size** record that overrides it. Because the parser then stops short of the entry's real content, an attacker can smuggle extra data inside the archive structure: the unconsumed file content is interpreted as a new tar header.
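The following walker, an added illustration that is not code from `async-tar` or any of its forks, shows the corrected behaviour: a pax `size` record overrides the ustar size field of the entry that follows, and the stream is advanced by that effective size. It also reports entries whose two size values disagree, the "header size discrepancy" a scanner can look for. The sample archive is constructed inline; the `header`, `pax_size`, `walk` and `sample_archive` names are this example's own.

```rust
const BLOCK: usize = 512;
// Constructed ustar header block with a valid checksum (sample input only).
fn header(name: &str, size: usize, typeflag: u8) -> [u8; BLOCK] {
    let mut h = [0u8; BLOCK];
    h[..name.len()].copy_from_slice(name.as_bytes());
    h[124..135].copy_from_slice(format!("{:011o}", size).as_bytes());
    h[156] = typeflag; h[257..263].copy_from_slice(b"ustar\0");
    let sum = h.iter().map(|&b| u32::from(b)).sum::<u32>() + 8 * 32; // field counts as 8 spaces
    h[148..156].copy_from_slice(format!("{:06o}\0 ", sum).as_bytes());
    h
}
// Return the "size" record from pax data ("LEN key=value\n" lines), if any.
fn pax_size(data: &[u8]) -> Option<usize> {
    let text = String::from_utf8_lossy(data);
    text.lines().find_map(|rec| rec.split_once(' ')?.1.split_once('=')
        .filter(|(k, _)| *k == "size").and_then(|(_, v)| v.parse().ok()))
}
// Returns (name, effective size, ustar field disagreed) for each regular entry.
fn walk(tar: &[u8]) -> Vec<(String, usize, bool)> {
    let (mut out, mut pos, mut pax) = (Vec::new(), 0usize, None);
    while pos + BLOCK <= tar.len() {
        let h = &tar[pos..pos + BLOCK];
        if h.iter().all(|&b| b == 0) { break; } // end-of-archive marker
        // ustar size: a nul/space-terminated octal field at offset 124.
        let ustar_size = usize::from_str_radix(String::from_utf8_lossy(&h[124..136])
            .trim_matches(|c: char| c == '\0' || c == ' '), 8).unwrap_or(0);
        let name = String::from_utf8_lossy(&h[..100]).trim_end_matches('\0').to_string();
        pos += BLOCK;
        // A pax record overrides the ustar size of the entry that follows it.
        let size = if h[156] == b'x' { ustar_size } else { pax.take().unwrap_or(ustar_size) };
        if h[156] == b'x' {
            pax = pax_size(&tar[pos..(pos + size).min(tar.len())]);
        } else {
            out.push((name, size, size != ustar_size));
        }
        pos += (size + BLOCK - 1) / BLOCK * BLOCK; // the fix: skip by the effective size
    }
    out
}
// Constructed sample: pax says size=5 while a.txt's ustar size says 0; b.txt is consistent.
fn sample_archive() -> Vec<u8> {
    let mut tar = Vec::new();
    for (hdr, body) in [(header("PaxHeaders/a.txt", 10, b'x'), &b"10 size=5\n"[..]),
        (header("a.txt", 0, b'0'), &b"hello"[..]), (header("b.txt", 3, b'0'), &b"abc"[..])] {
        tar.extend_from_slice(&hdr); tar.extend_from_slice(body);
        tar.resize(tar.len() + (BLOCK - body.len() % BLOCK) % BLOCK, 0); // pad to 512
    }
    tar.resize(tar.len() + 2 * BLOCK, 0); // two zero blocks end the archive
    tar
}
```

Advancing by `ustar_size` instead of `size` on the last line of the loop reproduces the bug: the parser would land on the `hello` block and read it as a header.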
## Exploitation
- Status: The text does not say whether exploitation has been confirmed, and no proof of concept is mentioned, but the potential consequences (file overwriting, supply chain attacks) are significant.
- Complexity: Unknown, but logic bugs that exploit deviations from a format specification can be low complexity when the input is easy to craft.
- Attack Vector: Depends on how the input archive is consumed, but generally involves file injection/supply chain vectors.
## Impact
- Confidentiality: Potential loss due to supply chain compromise leading to unauthorized code execution or data access.
- Integrity: High risk of file overwriting attacks and supply chain compromise via package manager exploitation.
- Availability: Risk of system instability or compromise following successful exploitation.
## Remediation
### Patches
The following related crates have documented patches:
* **`async-tar`**: Patched.
* **`astral-tokio-tar`**: Patched (This is the version used by `uv`).
* **`krata-tokio-tar`** (Edera's fork): Patch is available, but this fork is slated for archiving.
### Workarounds
* Switching usage away from the popular, unpatched `tokio-tar` crate.
* Switching to the standard (non-async) `tar` crate, which reportedly functions correctly.
* Migrating to one of the patched forks, such as `astral-tokio-tar`.
## Detection
- Indicators of Compromise: Files or artifacts appearing in unexpected locations, or build processes failing due to unexpected archive structure interpretation.
- Detection Methods and Tools: Scanning dependency trees for usage of the unpatched `tokio-tar` crate. Security scanners that deeply inspect archive contents for anomalies related to header size discrepancies may be relevant.
## References
- [Edera disclosure story - defanged: hxxps://edera[.]dev/stories/tarmageddon]
- [The Register Article - defanged: hxxps://www[.]theregister[.]com/2025/10/22/vulnerable_rust_crate_exposes_uv/]