Apache OpenNLP
cpe:2.3:a:apache:opennlp:*:*:*:*:*:*:*
- < 2.5.9
- < 3.0.0-M3
A denial-of-service vulnerability has been identified in Apache OpenNLP's AbstractModelReader. Affected versions include those prior to 2.5.9 and 3.0.0-M3. The issue arises because the AbstractModelReader methods getOutcomes(), getOutcomePatterns(), and getPredicates() read a 32-bit signed integer count from a binary model stream and directly use that value to allocate arrays. This allocation process does not validate whether the count is non-negative or within a reasonable limit. As a result, when the model file comes from an untrusted source, the count can be manipulated by an attacker. Exploitation of this vulnerability involves crafting a .bin model file with a count field set to Integer.MAX_VALUE or any value large enough to deplete the available heap memory. This triggers an OutOfMemoryError during the array allocation, before the model data is fully processed. The error occurs early in the deserialization process, allowing a small file to effectively crash a Java Virtual Machine (JVM) that loads it. This vulnerability affects any code path that deserializes a .bin model, including the direct use of GenericModelReader and higher-level components that rely on it.
Exploitation of this vulnerability leads to an OutOfMemoryError, causing a denial-of-service condition on the JVM that loads the affected model file.
Users of Apache OpenNLP 2.x should upgrade to version 2.5.9, and users of Apache OpenNLP 3.x should upgrade to version 3.0.0-M3. The fix includes a validation step that imposes an upper limit on the count fields before array allocation, preventing large allocations that could cause heap exhaustion. Users who cannot upgrade immediately should treat all .bin model files as untrusted unless their source can be verified, and avoid loading models from end users or third-party repositories without integrity checks.
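The pattern the advisory describes, and the validation step the fix adds, can be shown side by side. The following is an added example written for this page, not OpenNLP's own AbstractModelReader code: it reads a hypothetical "count followed by entries" section of a binary model with DataInputStream, once trusting the count directly and once bounding it before allocation. The class name, the MAX_ENTRIES cap and the sample streams are assumptions constructed for the demonstration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;

// Added example, not OpenNLP's code: a minimal reader for a hypothetical
// "32-bit count, then that many UTF strings" section of a binary model.
public class BoundedCountReader {

    // Hypothetical cap; a real limit should reflect the largest legitimate model.
    static final int MAX_ENTRIES = 1_000_000;

    // Vulnerable pattern: the signed 32-bit count is trusted and used as the array size.
    // A negative value throws NegativeArraySizeException; a huge value triggers
    // OutOfMemoryError before a single entry has been read.
    static String[] readUnchecked(DataInputStream in) throws IOException {
        int count = in.readInt();
        String[] entries = new String[count];
        for (int i = 0; i < count; i++) {
            entries[i] = in.readUTF();
        }
        return entries;
    }

    // Hardened pattern: reject negative or oversized counts before allocating,
    // failing with a clean IOException instead of exhausting the heap.
    static String[] readChecked(DataInputStream in) throws IOException {
        int count = in.readInt();
        if (count < 0 || count > MAX_ENTRIES) {
            throw new IOException("invalid entry count in model stream: " + count);
        }
        String[] entries = new String[count];
        for (int i = 0; i < count; i++) {
            entries[i] = in.readUTF();
        }
        return entries;
    }

    // Constructed sample: a well-formed section with two entries.
    static byte[] validStream() throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(bos);
        out.writeInt(2);
        out.writeUTF("outcomeA");
        out.writeUTF("outcomeB");
        out.flush();
        return bos.toByteArray();
    }

    // Constructed sample: only a 4-byte header whose count claims Integer.MAX_VALUE entries,
    // the shape of input the advisory describes.
    static byte[] oversizedCountStream() {
        return ByteBuffer.allocate(4).putInt(Integer.MAX_VALUE).array();
    }

    public static void main(String[] args) throws IOException {
        String[] ok = readChecked(new DataInputStream(new ByteArrayInputStream(validStream())));
        System.out.println("checked reader accepted " + ok.length + " entries");

        try {
            readChecked(new DataInputStream(new ByteArrayInputStream(oversizedCountStream())));
        } catch (IOException e) {
            System.out.println("checked reader rejected: " + e.getMessage());
        }
        // readUnchecked on the same 4-byte stream would attempt new String[Integer.MAX_VALUE]
        // and raise OutOfMemoryError on most JVMs, so it is deliberately not invoked here.
    }
}
```

The check must run before the allocation, not after: an OutOfMemoryError is thrown from `new String[count]` itself, so a later sanity test on the array never executes. A complementary defense where the format permits it is to compare the declared count against the remaining stream length, since a count of millions of entries in a file of a few bytes cannot be legitimate.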