Rust Cygwin Target Path Handling Vulnerability

Vulnerability

A path handling vulnerability has been identified in the Rust programming language, affecting versions from 1.87.0 up to, but not including, 1.89.0, for the tier 3 Cygwin target (x86_64-pc-cygwin). The issue arises because the Cygwin target did not properly handle path separators, so the standard library's Path API overlooked path components divided by backslashes. As a result, programs compiled for Cygwin that perform path validation could behave incorrectly, potentially enabling path traversal attacks or harmful operations on the filesystem. The vulnerability is not present in the tier 1 MinGW target (x86_64-pc-windows-gnu).

Impact

Exploitation of this vulnerability could allow for path traversal attacks or malicious filesystem operations in programs compiled for the Cygwin target.

Reproduction

To reproduce this vulnerability, compile a Rust program for the Cygwin target (x86_64-pc-cygwin) using a version of Rust from 1.87.0 up to, but not including, 1.89.0. The program should include path validation that relies on the standard library's Path API to detect components separated by backslashes. When the program is run on input containing backslash-separated components, it may process the path incorrectly, bypassing validation and potentially leading to unauthorized filesystem access or modification.
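The following is an added illustration, not code from the advisory or from the Rust project, of the validation pattern the two sections above describe and of a separator-agnostic alternative. The naive check relies on Path::components() to find ".." components; on any target where the backslash is not a separator (Unix hosts, and the affected Cygwin builds according to this advisory) the string "safe\..\etc\passwd" is seen as a single normal component and the check passes. The hardened check splits on both separators itself and rejects empty, ".", ".." and absolute forms, so it does not depend on the target's separator handling. The function names, the base directory and the sample inputs are assumptions made for this example.

```rust
use std::path::{Component, Path, PathBuf};

/// Naive validation: relies on the platform Path API to split the input into
/// components and accepts it only if every component is a plain name.
/// Where backslash is not treated as a separator, "safe\\..\\etc\\passwd" is one
/// Normal component and this returns true. It also returns true for "", because
/// an empty path has no components at all.
fn naive_is_safe(user_input: &str) -> bool {
    Path::new(user_input)
        .components()
        .all(|c| matches!(c, Component::Normal(_)))
}

/// Hardened validation: treat both '/' and '\\' as separators regardless of the
/// compilation target, then reject empty input, absolute forms on either
/// convention (leading separator or drive letter), and any "." or ".." segment.
fn hardened_is_safe(user_input: &str) -> bool {
    let bytes = user_input.as_bytes();
    if bytes.is_empty() {
        return false;
    }
    if bytes[0] == b'/' || bytes[0] == b'\\' {
        return false;
    }
    if bytes.len() >= 2 && bytes[0].is_ascii_alphabetic() && bytes[1] == b':' {
        return false;
    }
    user_input
        .split(|c| c == '/' || c == '\\')
        .all(|seg| !seg.is_empty() && seg != "." && seg != "..")
}

/// Join user input under a fixed base directory (assumed here), segment by
/// segment, only after it has passed the hardened check. Returns None on rejection.
fn join_under(base: &Path, user_input: &str) -> Option<PathBuf> {
    if !hardened_is_safe(user_input) {
        return None;
    }
    let mut out = base.to_path_buf();
    for seg in user_input.split(|c| c == '/' || c == '\\') {
        out.push(seg);
    }
    Some(out)
}

fn main() {
    // Constructed sample inputs: a benign relative path and a backslash traversal.
    let samples = ["docs/readme.txt", "safe\\..\\etc\\passwd", "../x", "C:\\x", ""];
    for s in samples {
        println!(
            "{:?}: naive={} hardened={} joined={:?}",
            s,
            naive_is_safe(s),
            hardened_is_safe(s),
            join_under(Path::new("/srv/data"), s)
        );
    }
}
```

The hardened variant is deliberately stricter than the platform API: it rejects the backslash form everywhere, including on targets where a backslash is a legal filename character, which is the trade-off a validator that must hold across targets usually accepts.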

Remediation

Users should upgrade to Rust version 1.89.0 or later. The Cygwin target can be manually compiled from source, as it is not available as a pre-built binary or through Rustup.

Added: Oct 1, 2025, 5:23 PM
Updated: Oct 1, 2025, 5:23 PM

Vulnerability Rating

Custom Algorithm

spread          6.6
impact          1.3
exploitability  6.0
remediation     7.7
relevance       0.6
threat          6.4
urgency         1.4
incentive       0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.