CVE-2024-12718 Overview
CVE-2024-12718 is a Path Traversal vulnerability in Python's tarfile module that allows attackers to modify file metadata (such as last modified timestamps) or file permissions of files outside the intended extraction directory. This vulnerability affects applications using TarFile.extractall() or TarFile.extract() with the filter="data" or filter="tar" parameters when processing untrusted tar archives.
Critical Impact
Attackers can manipulate file metadata and permissions outside the extraction directory, potentially enabling privilege escalation or tampering with critical system files.
Affected Products
- Python 3.12 and later versions
- Python 3.14+ (where filter="data" is the new default)
- Applications using tarfile extraction filters with untrusted archives
Discovery Timeline
- 2025-06-03 - CVE CVE-2024-12718 published to NVD
- 2025-07-24 - Last updated in NVD database
Technical Details for CVE-2024-12718
Vulnerability Analysis
This vulnerability is classified as CWE-22 (Path Traversal), affecting Python's tarfile module extraction filters introduced in version 3.12. The core issue lies in incomplete sanitization of tar archive entries when using the filter="data" or filter="tar" parameters during extraction operations. While these filters were designed to provide security by restricting extraction behavior, they fail to properly validate certain operations that modify file metadata and permissions.
When filter="data" is specified, the tarfile module allows modifying file metadata such as the last modified timestamp of files outside the intended extraction directory. Similarly, when filter="tar" is used, an attacker can leverage specially crafted tar entries to change file permissions (chmod) on arbitrary files in the filesystem that the Python process has access to.
This is particularly concerning for Python 3.14 and later, where the default filter behavior changed from "no filtering" to filter="data", meaning applications relying on the new default behavior are vulnerable without explicitly specifying a more restrictive filter.
Root Cause
The root cause stems from insufficient path validation in the tarfile extraction filter implementation. The extraction filters were intended to prevent path traversal attacks, but the implementation contains logic flaws that allow certain tar archive members to bypass the directory containment checks when performing metadata modifications. The filter correctly blocks file content extraction outside the target directory but fails to apply the same restrictions to metadata operations like os.utime() and permission changes via os.chmod().
Attack Vector
The attack vector is network-based, requiring no privileges or user interaction. An attacker can craft a malicious tar archive containing entries with specially constructed paths or symlink chains. When a vulnerable application extracts this archive using TarFile.extractall() or TarFile.extract() with the affected filter settings, the malicious entries can:
- Modify timestamps of sensitive files outside the extraction directory (with filter="data")
- Change file permissions on arbitrary accessible files (with filter="tar")
This attack can be used to tamper with log files, alter security-relevant file attributes, or potentially enable further exploitation by changing permissions on executable files. Technical details and proof-of-concept code are available in the GitHub Gist by Seth Larson.
Detection Methods for CVE-2024-12718
Indicators of Compromise
- Unexpected file permission changes on system files or application files outside normal extraction directories
- Modified timestamps on critical files that shouldn't have been accessed
- Log entries showing tarfile extraction operations followed by anomalous file system activity
- Presence of tar archives with suspicious symlink entries or path components containing .. sequences
Detection Strategies
- Monitor Python applications for tarfile.TarFile.extractall() or tarfile.TarFile.extract() calls with filter="data" or filter="tar" parameters processing external input
- Implement file integrity monitoring (FIM) on critical system and application files to detect unauthorized metadata changes
- Audit Python version deployments to identify systems running Python 3.12+ with potentially vulnerable tarfile usage patterns
- Review application logs for tar extraction operations involving untrusted sources
Monitoring Recommendations
- Enable filesystem auditing to track chmod and utime syscalls from Python processes handling tar archives
- Implement SentinelOne behavioral analysis to detect anomalous file metadata modifications following archive extraction
- Set up alerts for permission changes on sensitive directories such as /etc/, application binaries, and configuration files
- Monitor for Python processes accessing files outside expected working directories during archive operations
How to Mitigate CVE-2024-12718
Immediate Actions Required
- Audit all Python applications using the tarfile module to identify vulnerable extraction patterns
- Upgrade Python to patched versions that include the security fixes from the cpython commits
- Avoid extracting untrusted tar archives until patches are applied
- Consider using filter=None to disable filtering entirely if your application properly validates archives through other means
Patch Information
Python has released patches addressing this vulnerability across multiple maintained branches. The fixes ensure that path validation is consistently applied to both file content extraction and metadata operations. Security patches are available through the following commits:
For complete details, refer to the Python Security Mailing List announcement and related GitHub issues #127987 and #135034.
Workarounds
- Implement pre-extraction validation to inspect tar archive contents and reject entries with suspicious paths or symlinks
- Run tar extraction operations in sandboxed environments with restricted filesystem access using chroot or containerization
- Apply principle of least privilege by running Python applications that process tar archives with minimal filesystem permissions
- Use custom extraction filters that explicitly validate all paths before any filesystem operations
# Configuration example - Run Python tar extraction in restricted environment
# Create a chroot jail for tar extraction operations
mkdir -p /var/lib/tar-sandbox/extract
chown restricted-user:restricted-group /var/lib/tar-sandbox/extract
# Run Python extraction with restricted permissions
sudo -u restricted-user python3 -c "
import tarfile
import os
os.chdir('/var/lib/tar-sandbox/extract')
# Use fully_trusted filter only if source is verified
with tarfile.open('archive.tar') as tf:
tf.extractall(filter='fully_trusted')
"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
