Quick Facts
- Category: Cybersecurity
- Published: 2026-04-30 20:17:16
In early March 2026, the Rust Security Response Team received a report of a security flaw in the widely used tar crate, which Cargo depends on to unpack downloaded crates. The vulnerability, tracked as CVE-2026-33056, could allow a malicious crate to alter the permissions of arbitrary directories on a user's filesystem when Cargo extracts its archive during a build. For users of the public crates.io registry, a server-side mitigation deployed on March 13 blocks any attempt to exploit the issue, and an audit of every crate ever published confirmed that none leverages the flaw. Users of other registries should coordinate with their registry vendor. A Rust toolchain update, version 1.94.1, is scheduled for March 26, 2026 and will ship a patched tar crate; that client-side fix only protects users who upgrade. The following questions and answers break down the vulnerability, its impact, and the response.
What exactly is the vulnerability in the tar crate?
The vulnerability lies in the tar crate's archive extraction logic. When Cargo downloads a crate during a build, it uses the tar crate to unpack the archive. A specially crafted archive can cause the permission bits that tar applies while extracting to be set on an existing directory elsewhere on the filesystem, not only on the files and directories being unpacked. An attacker could use this to weaken the mode of a directory the build should never touch (for example, making a read-only directory writable as a stepping stone to further attacks) or to disrupt operations by removing access. No code from the malicious crate has to run: extraction alone triggers the change, so build scripts and proc macros are not involved, and the crate only needs to appear somewhere in the dependency graph, including as a transitive dependency. The issue is tracked as CVE-2026-33056. The tar crate maintainers have released a patch that ensures extraction cannot alter permissions outside the unpacked contents, and because the crate is used by far more than Cargo, any other program that unpacks untrusted archives with it should pick up the patched version as well.
Does this affect users of crates.io?
No, not in practice. As soon as the Rust Security Response Team was made aware of the vulnerability, it worked with the crates.io operators to deploy a mitigation on March 13, 2026 that rejects any new crate upload attempting to exploit the flaw. In addition, every crate ever published to crates.io was audited for signs of the exploit, and the audit found none. Because this check lives on the server, it protects you whichever Cargo version you run, as long as every crate you fetch comes from the official crates.io registry. The remaining risk is third-party or private registries that have not implemented a similar check.
What should I do if I use an alternate registry?
If your project pulls packages from a registry other than crates.io, ask the vendor or administrator of that registry whether they have applied equivalent safeguards. The Rust toolchain itself, as of Rust 1.94.1, will ship a patched tar crate, but that only protects you if you build with the updated Cargo. If you are pinned to an older Cargo (for example, on a stable Linux distribution or a company-maintained toolchain) and your alternate registry does not validate uploads server-side, your builds remain exposed. The safest course is to upgrade to Rust 1.94.1 when it is released on March 26, 2026 (with rustup, run rustup update and confirm with cargo --version) and to verify with your registry provider that malicious archives are being blocked.
What mitigation steps are being taken by the Rust project?
The Rust project has taken a multi-pronged approach. First, the tar crate itself was patched to prevent permission changes on directories outside of the extraction target. Second, the public crates.io registry implemented server-side validation on March 13, 2026 to reject any crate upload that appears to exploit the vulnerability. Third, a full audit of all crates ever published to crates.io was conducted, with no evidence of exploitation found. Finally, a new Rust toolchain release, Rust 1.94.1, is scheduled for March 26, 2026. This release includes the patched tar crate as well as other non-security fixes for the toolchain. Users are strongly encouraged to update to this version as soon as it becomes available. For users of alternate registries, the server-side mitigation may or may not be in place, so the toolchain update is especially important.
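As an added illustration of two points above, the extraction-time permission change described under the vulnerability and the server-side validation that crates.io deployed, the following Rust program is a pre-extraction scanner for a crate tarball. It is example code written for this page, not Cargo's, the tar crate's, or crates.io's implementation, and the page does not say which path-confusion pattern CVE-2026-33056 relies on; the checks it performs (an entry path that climbs out of the extraction root, a symlink whose target lies outside it, a directory entry that reuses the path of an earlier symlink so that its mode would be applied through the link, and any entry type other than file, directory or symlink) are the generic guards such a validator would apply, chosen here as assumptions. It parses ustar headers with the standard library only, takes already-decompressed tar bytes (a real .crate file is gzip-compressed), and the two sample archives are constructed in the code.

```rust
use std::path::{Component, Path};

struct Entry { name: String, mode: u32, typeflag: u8, linkname: String } // header fields the checks need
/// NUL-terminated string field of a 512-byte header block.
fn field(block: &[u8], start: usize, len: usize) -> String {
    let raw = &block[start..start + len];
    String::from_utf8_lossy(&raw[..raw.iter().position(|&b| b == 0).unwrap_or(len)]).into_owned()
}
/// ASCII octal numeric field (mode, size); garbage parses as 0.
fn octal(block: &[u8], start: usize, len: usize) -> u64 {
    u64::from_str_radix(field(block, start, len).trim(), 8).unwrap_or(0)
}

/// Walk the headers only (name at 0, mode at 100, size at 124, type at 156, link target at 157,
/// ustar prefix at 345); each entry's data blocks are skipped and never written out.
fn parse(archive: &[u8]) -> Vec<Entry> {
    let (mut entries, mut off) = (Vec::new(), 0usize);
    while off + 512 <= archive.len() {
        let block = &archive[off..off + 512];
        if block.iter().all(|&b| b == 0) { break; } // end-of-archive marker
        let (mut name, prefix) = (field(block, 0, 100), field(block, 345, 155));
        if &block[257..262] == b"ustar" && !prefix.is_empty() { name = format!("{prefix}/{name}"); }
        entries.push(Entry { name, mode: octal(block, 100, 8) as u32, typeflag: block[156],
                             linkname: field(block, 157, 100) });
        let data = (octal(block, 124, 12) as usize).saturating_add(511) / 512 * 512; // rounded to blocks
        off = off.saturating_add(512).saturating_add(data); // a crafted huge size ends the loop, not the scanner
    }
    entries
}

/// Lexically resolve a path against the extraction root; None if it climbs out of it.
fn within_root(path: &str) -> Option<Vec<String>> {
    let mut stack: Vec<String> = Vec::new();
    for c in Path::new(path).components() {
        match c {
            Component::Normal(s) => stack.push(s.to_string_lossy().into_owned()),
            Component::ParentDir => { stack.pop()?; } // ".." above the root escapes
            Component::RootDir | Component::Prefix(_) => return None, // absolute path
            Component::CurDir => {}
        }
    }
    Some(stack)
}

/// Policy checks a registry or CI gate could run before accepting or unpacking a crate
/// tarball. Returns human-readable findings; an empty list means nothing suspicious.
fn scan(archive: &[u8]) -> Vec<String> {
    let (mut findings, mut symlinks): (Vec<String>, Vec<Vec<String>>) = (Vec::new(), Vec::new());
    for e in parse(archive) {
        let Some(resolved) = within_root(&e.name) else {
            findings.push(format!("{}: entry path escapes the extraction root", e.name)); continue;
        };
        match e.typeflag {
            b'2' => { // symlink: a relative target resolves from the link's own directory
                let target = if e.linkname.starts_with('/') { e.linkname.clone() } else {
                    [&resolved[..resolved.len().saturating_sub(1)], &[e.linkname.clone()][..]].concat().join("/")
                };
                if within_root(&target).is_none() {
                    findings.push(format!("{} -> {}: symlink target outside the extraction root", e.name, e.linkname));
                }
                symlinks.push(resolved); // remember the path so a later entry cannot reuse it
            }
            b'5' => { // directory: extraction applies `mode` to whatever now sits at that path
                if symlinks.contains(&resolved) {
                    findings.push(format!("{}: directory entry (mode {:o}) shadows an earlier symlink", e.name, e.mode));
                }
            }
            b'0' | 0 => {} // regular file
            t => findings.push(format!("{}: unexpected entry type {:?}", e.name, t as char)),
        }
    }
    findings
}

/// Build one ustar header block; constructed test data for this example, not a real crate.
fn header(name: &str, mode: u32, typeflag: u8, linkname: &str, size: u64) -> [u8; 512] {
    let mut b = [0u8; 512];
    b[..name.len()].copy_from_slice(name.as_bytes());
    b[100..107].copy_from_slice(format!("{mode:07o}").as_bytes());
    b[124..135].copy_from_slice(format!("{size:011o}").as_bytes());
    b[156] = typeflag;
    b[157..157 + linkname.len()].copy_from_slice(linkname.as_bytes());
    b[257..265].copy_from_slice(b"ustar\x0000");
    b
}

/// A well-formed crate layout (constructed): a package directory and one 13-byte source file.
fn sample_benign() -> Vec<u8> {
    let mut a = header("pkg-1.0.0/", 0o755, b'5', "", 0).to_vec();
    a.extend_from_slice(&header("pkg-1.0.0/src/main.rs", 0o644, b'0', "", 13));
    a.extend_from_slice(b"fn main() {}\n"); a.resize(a.len() + 499, 0); // data padded to a 512-byte block
    a.extend_from_slice(&[0u8; 1024]);
    a
}

/// Patterns a validator should reject (constructed): a symlink above the root, a directory
/// entry reusing that path, and an entry whose own path climbs out.
fn sample_suspicious() -> Vec<u8> {
    let mut a = header("pkg-1.0.0/link", 0o777, b'2', "../../outside", 0).to_vec();
    a.extend_from_slice(&header("pkg-1.0.0/link/", 0o777, b'5', "", 0));
    a.extend_from_slice(&header("../escape.txt", 0o644, b'0', "", 0));
    a.extend_from_slice(&[0u8; 1024]);
    a
}
fn main() { for f in scan(&sample_suspicious()) { println!("{f}"); } }
```

In a real gate you would gunzip the uploaded .crate first and feed the result to scan; any finding means rejecting the upload on a registry or failing the job in CI. The check is lexical and runs before anything touches the filesystem, which is what makes it suitable for the server side, but it is a second layer rather than a replacement for the patched tar crate: the extractor itself still has to refuse to apply modes through links, since a registry that does not scan will happily serve an archive like the suspicious sample to an unpatched Cargo.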
Who discovered and helped fix this vulnerability?
The vulnerability was discovered by Sergei Zimmerman, who reported it to the Rust Security Response Team before any public disclosure. William Woodruff provided significant assistance to the crates.io team in implementing the mitigation. Within the Rust project, Eric Huss patched Cargo; Tobias Bieniek, Adam Harvey, and Walter Pearce worked on the crates.io patch and the analysis of existing crates; and Emily Albini and Josh Stone coordinated the response, with Emily Albini also writing the original advisory. The coordinated effort between external researchers and project members addressed the issue quickly, with no evidence of exploitation found on crates.io.
What is the timeline of events for this vulnerability?
The timeline began with Sergei Zimmerman privately disclosing the vulnerability to the Rust Security Response Team. Shortly after, the team verified the issue and began working on a fix. On March 13, 2026, crates.io deployed a server-side change to block exploitation attempts and completed a full audit of all crates ever uploaded. The Rust team then prepared a patch for the tar crate and integrated it into the upcoming toolchain release. The public advisory was issued, and the patch for tar was made available to the open-source crate ecosystem. On March 26, 2026, Rust 1.94.1 will be released, containing the patched tar crate and other toolchain fixes. Users of alternate registries are urged to ensure their registry vendors have also applied appropriate mitigations in the meantime.