astral-tokio-tar Library Discloses 5 Security Vulnerabilities Including Symlink-Based Permission Escape
A security audit dated April 29, 2026, has identified five vulnerabilities in the astral-tokio-tar library, a widely used Rust crate for handling tar archives with asynchronous I/O. The disclosure, catalogued under RUSTSEC identifiers, reveals flaws ranging from arbitrary directory permission manipulation through symlink abuse to PAX header desynchronization issues. While the exact severity ratings remain unspecified in the current advisory, the nature of several findings suggests a potential for significant impact on systems that rely on this package for archive extraction.
The most critical of the disclosed flaws, tracked as RUSTSEC-2026-0113, affects astral-tokio-tar versions 0.6.0 and earlier. The unpack_in API contains a vulnerability that allows chmod to be applied to arbitrary directories outside the intended archive hierarchy by following symbolic links. An attacker could craft a malicious tar archive that modifies permissions on external directories, though the flaw is limited to directories: individual file permissions cannot be altered through this vector. The advisory references GHSA-j4xf-2g29-59ph, indicating that an equivalent flaw exists in the upstream tar crate and suggesting a broader pattern of similar vulnerabilities across Rust's archive-handling ecosystem. Patched versions addressing this issue are available starting at 0.6.1.
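The pattern behind this class of flaw is an extractor that writes a symlink entry and then applies a later directory entry's mode to a path that resolves through that link. The following pre-extraction audit is an added example for this article, not code from astral-tokio-tar or its fix: it models archive entries in memory (the `Entry` enum and its fields are assumptions of the example), records every symlink declared in the archive, and rejects any directory entry whose path passes through one of those links before any chmod would happen. It also refuses absolute paths and `..` traversal while normalising. Note that it only sees links carried inside the archive; links that already exist on disk under the destination still need a filesystem-level check at extraction time (for example, `symlink_metadata` on each path component before setting modes).

```rust
use std::collections::HashMap;
use std::path::{Component, Path, PathBuf};

/// Minimal in-memory model of a tar entry, constructed for this example
/// (not the crate's own entry type).
#[derive(Debug, Clone)]
pub enum Entry {
    /// Directory entry carrying the mode an extractor would chmod onto it.
    Dir { path: String, mode: u32 },
    /// Symbolic link entry: `path` will point at `target` once extracted.
    Symlink { path: String, target: String },
    /// Regular file entry (file modes are outside this check).
    File { path: String },
}

/// Normalise an entry path lexically: drop `.`, resolve `..` against the
/// components seen so far, and reject absolute paths or any `..` that would
/// climb above the extraction root.
pub fn normalize(raw: &str) -> Result<PathBuf, String> {
    let mut out = PathBuf::new();
    for c in Path::new(raw).components() {
        match c {
            Component::Normal(seg) => out.push(seg),
            Component::CurDir => {}
            Component::ParentDir => {
                if !out.pop() {
                    return Err(format!("{raw:?} climbs above the extraction root"));
                }
            }
            Component::RootDir | Component::Prefix(_) => {
                return Err(format!("{raw:?} is an absolute path"));
            }
        }
    }
    Ok(out)
}

/// Return the first symlink declared in the archive that is `p` itself or one
/// of its ancestors, together with that link's declared target.
fn traverses_link<'a>(p: &Path, links: &'a HashMap<PathBuf, String>) -> Option<(PathBuf, &'a String)> {
    let mut prefix = PathBuf::new();
    for c in p.components() {
        prefix.push(c);
        if let Some(t) = links.get(&prefix) {
            return Some((prefix, t));
        }
    }
    None
}

/// Audit an archive before extraction. A directory entry whose path resolves
/// through a symlink declared earlier in the same archive is rejected, because an
/// extractor that chmods through that link would change the mode of whatever the
/// link points at rather than a directory under the destination.
pub fn audit_archive(entries: &[Entry]) -> Result<(), String> {
    // Normalised paths of symlink entries seen so far, mapped to their targets.
    let mut links: HashMap<PathBuf, String> = HashMap::new();
    for e in entries {
        match e {
            Entry::Symlink { path, target } => {
                links.insert(normalize(path)?, target.clone());
            }
            Entry::Dir { path, mode } => {
                let p = normalize(path)?;
                if let Some((link, target)) = traverses_link(&p, &links) {
                    return Err(format!(
                        "directory {path:?} (mode {mode:o}) resolves through symlink {} -> {target:?}",
                        link.display()
                    ));
                }
            }
            Entry::File { path } => {
                normalize(path)?;
            }
        }
    }
    Ok(())
}

fn main() {
    // Constructed samples: a benign archive, and one of the shape the advisory
    // describes (a link declared first, then a directory entry on that path).
    let benign = vec![
        Entry::Dir { path: "pkg".into(), mode: 0o755 },
        Entry::File { path: "pkg/README".into() },
        Entry::Symlink { path: "pkg/latest".into(), target: "README".into() },
    ];
    let suspicious = vec![
        Entry::Symlink { path: "pkg".into(), target: "/placeholder/outside".into() },
        Entry::Dir { path: "pkg/".into(), mode: 0o777 },
    ];
    println!("benign: {:?}", audit_archive(&benign));
    println!("suspicious: {:?}", audit_archive(&suspicious));
}
```

The audit runs over parsed entries in archive order, which matters: a link that appears after the directory entry it would redirect has no effect on that directory's chmod, so only links seen so far are consulted. In a real pipeline the same check should be applied to every entry kind the extractor follows a path for, not only directories.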
The discovery raises concerns for projects depending on astral-tokio-tar for secure archive extraction, particularly in environments where untrusted tar archives may be processed. The symlink-following behavior that enables arbitrary permission changes could be leveraged in privilege escalation scenarios if combined with other system-level weaknesses. Users of the library are advised to audit their dependency trees and prioritize upgrading to the patched release. The disclosure follows coordinated vulnerability reporting practices, with the Rust Security Response Working Group cataloguing findings alongside GitHub Security Advisories.