Description
tarfile.extractall() with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower path, letting a relative target the filter judged contained escape the destination directory. This allowed a malicious tar archive to create a symlink pointing outside the destination, enabling out-of-destination file reads or writes. This was an incomplete fix of CVE-2025-4330.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
High
Integrity (Subsequent System)
High
Availability (Subsequent System)
None
Affected products
- Python Software Foundation / CPython0 – 3.15.0
References
- PATCHhttps://github.com/python/cpython/pull/151559
- MISChttps://mail.python.org/archives/list/security-announce@python.org/thread/LD6QIISNQFQYOIEPJNEUIPV7S3V76FZH/
- MISChttps://github.com/python/cpython/issues/151558
- PATCHhttps://github.com/python/cpython/commit/27dd970bf6b17ebca7c8ed486a40ab043ed7af8f
- PATCHhttps://github.com/python/cpython/commit/672825e2f36a57e173959b0d9d409d4560dab8df
- PATCHhttps://github.com/python/cpython/commit/771d12dda5140313db0ac550292987975651bbde
- PATCHhttps://github.com/python/cpython/commit/79c06bd5c6afa3c440d50faf7ee1b147c8832b4c