How TARmageddon Compromises Rust Security: A Developer’s Guide
Edera, the security company focused on hardened container runtime security for Kubernetes and AI workloads, has uncovered a new, nasty Rust vulnerability.
Dubbed TARmageddon (CVE-2025-62518), this is a critical flaw in the tokio-tar library and its forks. This potentially allows remote code execution (RCE) across a range of widely used software programs, including Astral’s uv Python package manager and wasmCloud. Other programs almost certainly have vulnerable code hidden inside them as well. With a Common Vulnerability Scoring System (CVSS) v3.1 base score of 8.1, it’s a high-severity vulnerability.
In other words, it’s nasty.
The issue stems from a desynchronization bug in TAR parsing logic that lets attackers “smuggle” extra files into nested TAR archives — specifically, if a TAR entry includes mismatched PAX and ustar headers, with correct-size data in PAX but a zero-byte ustar entry. In that case, the parser misinterprets inner archive content as part of the outer archive. This can lead to overwriting files during extraction, tampering with build systems or bypassing software composition analysis tools that rely on clean manifests.
“Wait, wait,” you say, “Isn’t Rust immune to this kind of memory hole?” Well, yes and no.
The Implications of TAR Parsing Logic Flaws
As Alex Zenla, Edera’s co-founder and CTO, told me in an interview, “The bug we found was a logic bug, not a memory safety bug, which is an important clarification. While Rust is designed to be inherently more memory-safe than C, you can still introduce memory bugs, primarily because of the use of unsafe blocks. Rust’s core memory safety guarantees are enforced by the compiler and its ownership and borrowing system. When you use the unsafe keyword, you are essentially telling the compiler, ‘Trust me, I know what I’m doing,’ and asking it to suspend some of its memory safety checks within that block of code.” Spoiler alert, the writers of the tokio-tar library didn’t know what they were doing.
While Rust’s type system offers strong memory safety guarantees, TARmageddon underlines that logic bugs remain a potent attack surface. Edera’s disclosure notes that even safe languages cannot prevent vulnerabilities arising from incorrect assumptions or unmaintained dependencies. This, my friends, remains a recurring worry in the modern open source supply chain.
Rust’s Memory Safety and Logic Bugs
In this particular case, what this means for developers is that there are three major exploitation vectors:
- Python Build Backend Hijacking: A malicious PyPI package could embed a nested TAR to overwrite critical config files like pyproject.toml, resulting in RCE on developer machines or CI pipelines.
- Container Image Poisoning: Tools using TAR-based extraction (such as testcontainers) could process malicious image layers that silently inject unapproved content.
- Manifest and BOM Bypass: Security scanners could validate a “clean” TAR while the actual extraction includes hidden files from an inner archive, undermining trust in supply chain integrity.
The good news is that patched releases are now available for astral-tokio-tar (used by uv) and krata-tokio-tar, with changes that ensure PAX headers take precedence over ustar headers and enforce strict boundary validation. Projects unable to immediately migrate are advised to temporarily switch to Rust’s synchronous tar crate or wrap synchronous operations with tokio::task::spawn_blocking() for async use. Runtime mitigations include manifest validation, sandboxed extraction and bans on file overwrites.
Challenges of Open Source Abandonware
The bad news is, unlike your run-of-the-mill security patch, where vulnerabilities are patched upstream, TARmageddon’s remediation was complicated by the fact that the original tokio-tar project is abandonware. That hasn’t stopped the library from being downloaded over 5 million times on crates.io. Nonetheless, there are no active maintainers or SECURITY.md contact info. Edera had to manually trace the fork lineage — from async-tar to tokio-tar, krata-tokio-tar and finally astral-tokio-tar — and coordinate patch releases across forks. I do not envy the Edera developers this job.
When asked about it, Zenia said, “While hard numbers on actively used open source projects that meet a strict ‘abandonware’ definition are elusive, the use of unmaintained, legacy open source components with known security risks is pervasive. For example, the sheer volume of packages on crates.io, coupled with a high rate of project dormancy, makes finding unmaintained dependencies almost inevitable in a nontrivial Rust project.”
In other words, the underlying problem, open source abandonware, is far bigger than this single Rust security issue. Programmers, beware!
