astral-tokio-tar, Symlink directory permission modification, CVE-2026-33056 (Moderate)


The vulnerability exists in the unpack_in API of astral-tokio-tar versions 0.6.0 and earlier. This API uses fs::metadata() to check whether an existing path is a directory. The fs::metadata() function follows symbolic links.

An attacker can craft a malicious tar archive containing two specially crafted entries: a symlink entry pointing to an external directory, followed by a directory entry with the same name. When the unpack_in API processes the directory entry, it first checks if the symlink already exists. Because fs::metadata() follows the symlink, the API incorrectly treats the symlink's target as an existing directory. The API then proceeds to apply the directory's permission bits (via chmod) to the symlink's target. Since the target is an arbitrary directory outside the extraction root, the attacker can modify the permissions of any directory on the system that the extraction process has access to. This flaw only affects directories; individual file permissions cannot be modified via this method.

The fix involves replacing fs::metadata() with fs::symlink_metadata() in the unpack_dir function. This change prevents symlinks from being followed, causing the API to reject symlinks instead of traversing them. The issue was reported by @xokdvium and patched in version 0.6.1.
Platform: astral-tokio-tar
Version: 0.6.0 and earlier
Vulnerability: Symlink directory chmod
Severity: Moderate
Date: May 5 2026

Prediction: Patch on 2026-05-05

What Undercode Say:

Check vulnerable version in Cargo.toml:
    grep "astral-tokio-tar" Cargo.toml
Inspect dependency tree for vulnerable crate:
    cargo tree | grep astral-tokio-tar
Simulate symlink metadata check:
    cargo run --example unpack_malicious
Patch to safe version 0.6.1:
    cargo update -p astral-tokio-tar --precise 0.6.1

Exploit:

Create a tar with a symlink `foo -> /target/dir` and a directory foo/; extraction follows symlink and chmods /target/dir.

Protection from this CVE

Upgrade to astral-tokio-tar >=0.6.1. If immediate upgrade is impossible, avoid processing untrusted tar archives with the unpack_in API.
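The difference between the vulnerable and the fixed check, as an added Rust example (not code from astral-tokio-tar): both functions inspect a path inside the extraction root before a directory entry is processed, but only the symlink_metadata() variant sees the symlink itself. The demo() helper, the DirCheck enum and the temp-dir layout are constructed for this example and assume a Unix host.

```rust
use std::fs;
use std::io;
use std::path::Path;

/// Verdict an unpacker reaches before applying directory-entry permissions.
#[derive(Debug, PartialEq)]
pub enum DirCheck { Absent, ExistingDir, RejectedSymlink, NotADirectory }

/// Vulnerable pattern: fs::metadata() follows the link, so a symlink that
/// points at a directory outside the root is reported as an existing
/// directory, and a later chmod would land on the link target.
pub fn check_following(path: &Path) -> DirCheck {
    match fs::metadata(path) {
        Ok(m) if m.is_dir() => DirCheck::ExistingDir,
        Ok(_) => DirCheck::NotADirectory,
        Err(_) => DirCheck::Absent,
    }
}

/// Fixed pattern: fs::symlink_metadata() describes the link entry itself,
/// so a symlink is rejected before any permission bits are applied.
pub fn check_not_following(path: &Path) -> DirCheck {
    match fs::symlink_metadata(path) {
        Ok(m) if m.file_type().is_symlink() => DirCheck::RejectedSymlink,
        Ok(m) if m.is_dir() => DirCheck::ExistingDir,
        Ok(_) => DirCheck::NotADirectory,
        Err(_) => DirCheck::Absent,
    }
}

/// Constructed scenario: an extraction root whose entry "foo" is a symlink
/// to a directory outside the root. Returns (vulnerable, fixed) verdicts.
pub fn demo() -> io::Result<(DirCheck, DirCheck)> {
    let base = std::env::temp_dir().join(format!("tar-symlink-demo-{}", std::process::id()));
    let outside = base.join("outside"); // stands in for the attacker's target dir
    let root = base.join("root");       // extraction root
    fs::create_dir_all(&outside)?;
    fs::create_dir_all(&root)?;
    let link = root.join("foo");
    std::os::unix::fs::symlink(&outside, &link)?;
    let verdicts = (check_following(&link), check_not_following(&link));
    fs::remove_dir_all(&base)?; // removes the link entry, not its target
    Ok(verdicts)
}

fn main() -> io::Result<()> {
    let (vulnerable, fixed) = demo()?;
    println!("fs::metadata verdict:         {:?}", vulnerable);
    println!("fs::symlink_metadata verdict: {:?}", fixed);
    Ok(())
}
```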

Impact:

Arbitrary directory permission modification outside extraction root, enabling privilege escalation or denial-of-service.


Sources:

Reported By: github.com
Extra Source Hub:
Undercode
