Bug 2384043 (CVE-2025-8194)

| Field | Value |
|---|---|
| Summary | CVE-2025-8194 cpython: CPython infinite loop when parsing a tarfile |
| Product | [Other] Security Response |
| Reporter | OSIDB Bzimport <bzimport> |
| Component | vulnerability |
| Assignee | Product Security DevOps Team <prodsec-dev> |
| Status | NEW --- |
| QA Contact | |
| Severity | medium |
| Docs Contact | |
| Priority | medium |
| Version | unspecified |
| CC | bbrownin, daisy82lopez, dfreiber, drow, jburrell, ljawale, luizcosta, nweather, rbobbitt, vkumar |
| Target Milestone | --- |
| Keywords | Security |
| Target Release | --- |
| Hardware | All |
| OS | Linux |
| Whiteboard | |
| Fixed In Version | |
| Doc Type | --- |
| Doc Text | A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module. |
| Story Points | --- |
| Clone Of | |
| Environment | |
| Last Closed | |
| Type | --- |
| Regression | --- |
| Mount Type | --- |
| Documentation | --- |
| CRM | |
| Verified Versions | |
| Category | --- |
| oVirt Team | --- |
| RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- |
| Target Upstream Version | |
| Embargoed | |
| Bug Depends On | 2384060, 2384071, 2384073, 2384061, 2384062, 2384063, 2384064, 2384066, 2384067, 2384068, 2384069, 2384070, 2384072, 2384074, 2384075, 2384076, 2384077, 2384078, 2384079, 2384080, 2384081 |
| Bug Blocks | |
This issue has been addressed in the following products:

- Red Hat Enterprise Linux 8: via RHSA-2025:14546 https://access.redhat.com/errata/RHSA-2025:14546
- Red Hat Enterprise Linux 8: via RHSA-2025:14560 https://access.redhat.com/errata/RHSA-2025:14560
- Red Hat Enterprise Linux 8: via RHSA-2025:14841 https://access.redhat.com/errata/RHSA-2025:14841
- Red Hat Enterprise Linux 8: via RHSA-2025:14900 https://access.redhat.com/errata/RHSA-2025:14900
- Red Hat Enterprise Linux 10: via RHSA-2025:14984 https://access.redhat.com/errata/RHSA-2025:14984
- Red Hat Enterprise Linux 9: via RHSA-2025:15007 https://access.redhat.com/errata/RHSA-2025:15007
- Red Hat Enterprise Linux 9: via RHSA-2025:15010 https://access.redhat.com/errata/RHSA-2025:15010
- Red Hat Enterprise Linux 9: via RHSA-2025:15019 https://access.redhat.com/errata/RHSA-2025:15019
- Red Hat Enterprise Linux 9.4 Extended Update Support: via RHSA-2025:15348 https://access.redhat.com/errata/RHSA-2025:15348
- RHEL-8 based Middleware Containers: via RHSA-2025:15358 https://access.redhat.com/errata/RHSA-2025:15358
- Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions: via RHSA-2025:15724 https://access.redhat.com/errata/RHSA-2025:15724
- Red Hat Enterprise Linux 9.4 Extended Update Support: via RHSA-2025:15800 https://access.redhat.com/errata/RHSA-2025:15800
- Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service: via RHSA-2025:15968 https://access.redhat.com/errata/RHSA-2025:15968
- Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions: via RHSA-2025:16012 https://access.redhat.com/errata/RHSA-2025:16012
- Red Hat Enterprise Linux 9.4 Extended Update Support: via RHSA-2025:16016 https://access.redhat.com/errata/RHSA-2025:16016
- Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.8 Telecommunications Update Service: via RHSA-2025:16031 https://access.redhat.com/errata/RHSA-2025:16031
- Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.8 Telecommunications Update Service: via RHSA-2025:16062 https://access.redhat.com/errata/RHSA-2025:16062
- Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: via RHSA-2025:16078 https://access.redhat.com/errata/RHSA-2025:16078
- Red Hat Enterprise Linux 7 Extended Lifecycle Support: via RHSA-2025:16117 https://access.redhat.com/errata/RHSA-2025:16117
- Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service: via RHSA-2025:16118 https://access.redhat.com/errata/RHSA-2025:16118
- Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions: via RHSA-2025:16152 https://access.redhat.com/errata/RHSA-2025:16152
- Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.8 Telecommunications Update Service: via RHSA-2025:16153 https://access.redhat.com/errata/RHSA-2025:16153
- Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On: via RHSA-2025:16151 https://access.redhat.com/errata/RHSA-2025:16151
- Red Hat Enterprise Linux 8.2 Advanced Update Support: via RHSA-2025:16262 https://access.redhat.com/errata/RHSA-2025:16262
There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation processes tar archives with negative offsets without raising an error, which results in an infinite loop and deadlock while parsing a maliciously crafted tar archive. This vulnerability can be mitigated by including the following patch after importing the "tarfile" module:

```python
import tarfile

def _block_patched(self, count):
    # Reject the negative byte counts that let the parser's offset move backwards.
    if count < 0:  # pragma: no cover
        raise tarfile.InvalidHeaderError("invalid offset")
    # Otherwise defer to the original block-size rounding.
    return _block_patched._orig_block(self, count)

_block_patched._orig_block = tarfile.TarInfo._block
tarfile.TarInfo._block = _block_patched
```
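As an added example (not part of this Bugzilla record and not CPython's own code), the module below wraps the advisory's mitigation in an idempotent installer and adds a probe that reports whether the running interpreter already rejects negative block counts, so the monkeypatch is only applied where it is still needed and a fleet check can flag unpatched hosts. It relies on the same private `TarInfo._block` hook the advisory patches; that hook is an implementation detail of CPython's tarfile, not public API, and the probe assumes it keeps its `(self, count)` signature. The archive it lists is a benign one constructed in memory for the demonstration.

```python
"""Probe for, and mitigate, the CVE-2025-8194 negative-offset loop in tarfile.

Hypothetical helper module. Assumes the private TarInfo._block(self, count)
hook named in the advisory (a CPython implementation detail, not public API).
"""
import io
import tarfile


def block_rejects_negative():
    """Return True if TarInfo._block refuses a negative byte count.

    A fixed or patched interpreter raises InvalidHeaderError here; a
    vulnerable one silently returns a negative, block-rounded count, which
    is what lets the parser's archive offset move backwards.
    """
    try:
        tarfile.TarInfo._block(tarfile.TarInfo(), -512)
    except tarfile.InvalidHeaderError:
        return True
    return False


def apply_mitigation():
    """Install the advisory's negative-offset check, once.

    Returns True if the wrapper was installed, False if the interpreter
    already rejects negative counts (no wrapping needed, and no double wrap).
    """
    if block_rejects_negative():
        return False
    orig_block = tarfile.TarInfo._block

    def _block_patched(self, count):
        if count < 0:
            raise tarfile.InvalidHeaderError("invalid offset")
        return orig_block(self, count)

    _block_patched._orig_block = orig_block  # keep a handle for inspection
    tarfile.TarInfo._block = _block_patched
    return True


def rounded_block(count):
    """Round a byte count up to the 512-byte tar block size via TarInfo._block."""
    return tarfile.TarInfo._block(tarfile.TarInfo(), count)


def build_benign_archive():
    """Construct a small, well-formed tar archive in memory (sample data)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        payload = b"hello, world\n"
        info = tarfile.TarInfo(name="hello.txt")
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def list_members(archive_bytes):
    """Enumerate member names; entry enumeration is the code path the flaw affects."""
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:") as tar:
        return tar.getnames()


if __name__ == "__main__":
    print("vulnerable before patch:", not block_rejects_negative())
    print("wrapper installed:", apply_mitigation())
    print("rejects negative offsets now:", block_rejects_negative())
    print("members of benign archive:", list_members(build_benign_archive()))
```

Run `block_rejects_negative()` on its own to inventory interpreters: `False` means the tarfile module still accepts negative counts and the vendor update or the wrapper is needed. Because `apply_mitigation()` probes first, importing this module at application start-up is safe on already-fixed Pythons and does not stack wrappers if it is imported twice.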