Name | CVE-2025-8194
---|---
Description | There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
The table below lists information on source packages.
Source Package | Release | Version | Status
---|---|---|---
python2.7 (PTS) | bullseye | 2.7.18-8+deb11u1 | vulnerable
python3.11 (PTS) | bookworm | 3.11.2-6+deb12u6 | vulnerable
python3.11 (PTS) | bookworm (security) | 3.11.2-6+deb12u3 | vulnerable
python3.13 (PTS) | sid, trixie | 3.13.5-2 | vulnerable
python3.9 (PTS) | bullseye | 3.9.2-1 | vulnerable
python3.9 (PTS) | bullseye (security) | 3.9.2-1+deb11u3 | vulnerable
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs
---|---|---|---|---|---|---
python2.7 | source | bullseye | (unfixed) | end-of-life | |
python2.7 | source | (unstable) | (unfixed) | | |
python3.11 | source | (unstable) | (unfixed) | | |
python3.12 | source | (unstable) | (unfixed) | | |
python3.13 | source | (unstable) | (unfixed) | | |
python3.9 | source | (unstable) | (unfixed) | | |
[bookworm] - python3.11 <no-dsa> (Minor issue)
[bullseye] - python3.9 <postponed> (Minor issue)
[bullseye] - python2.7 <end-of-life> (EOL in bullseye LTS)
https://github.com/python/cpython/issues/130577
https://github.com/python/cpython/pull/137027
https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/
Fixed by: https://github.com/python/cpython/commit/7040aa54f14676938970e10c5f74ea93cd56aa38 (main)
Fixed by: https://github.com/python/cpython/commit/cdae923ffe187d6ef916c0f665a31249619193fe (3.13-branch)