CVE-2025-8194

28.07.2025, 19:15

There is a defect in the CPython tarfile module affecting the TarFile extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. 

This vulnerability can be mitigated by including the following patch after importing the tarfile module:



import tarfile

def _block_patched(self, count):
  if count < 0:  # pragma: no cover
    raise tarfile.InvalidHeaderError("invalid offset")
  return _block_patched._orig_block(self, count)

_block_patched._orig_block = tarfile.TarInfo._block
tarfile.TarInfo._block = _block_patched

Infinite Loop

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
PSF	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Common Weakness Enumeration

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Vulnerability Media Exposure

[GERMAN] Python: Schwachstelle ermöglicht Denial of Service
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Python ausnutzen, um einen Denial of Service Angriff durchzuführen.
Published: 2025-07-28T22:00:00+00:00

References

https://github.com/python/cpython/commit/7040aa54f14676938970e10c5f74ea93cd56aa38

https://github.com/python/cpython/commit/cdae923ffe187d6ef916c0f665a31249619193fe

https://github.com/python/cpython/issues/130577

https://github.com/python/cpython/pull/137027

https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/