Theplistlib module is vulnerable to OOM. It reads from the file the amount of data specified in the file (which can be up to2**64 bytes), and bothFileIO,read() andBufferedReader.read() preallocates the bytes object of the specified size. Specially prepared Plist file can be used to organize a DOS attack.

Linked PRs

• gh-119342: Fix a potential denial of service in plistlib #119343
• [3.14] gh-119342: Fix a potential denial of service in plistlib (GH-119343) #142143
• [3.13] gh-119342: Fix a potential denial of service in plistlib (GH-119343) #142144
• [3.12] gh-119342: Fix a potential denial of service in plistlib (GH-119343) #142149
• [3.11] gh-119342: Fix a potential denial of service in plistlib (GH-119343) #142150
• [3.10] gh-119342: Fix a potential denial of service in plistlib (GH-119343) #142151