glvd logo
glvd logo
Garden Linux Vulnerability Database
CVE Description

"A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition."

Metadata

Vulnerability Status Published Date Modified Date Ingested Date
Awaiting Analysis 2026-01-15T15:15:52.657 2026-01-16T15:55:33.063 2026-01-16 15:55:33.063+00

CVSS Scores

CVSS Version Base Score DEB CVSS Severity Vector String
3.1 2.9 LOW CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Linux Images

Distro Version Source Package Package Version Is Vulnerable Is fixed in Version
gardenlinux kvm-cilium-k3s-1435.0-4a8f67f4 libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux kvm-gardener-1435.0-4a8f67f4 libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux kvm-cg2epc-gardener-1435.0-4a8f67f4 libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux metal-cilium-k3s-osc-vhost-1435.0-4a8f67f4 libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux metal-cilium-k3s-osc-1435.0-4a8f67f4 libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux kvm-cilium-k3s-1461.0-e82c34ca libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux kvm-gardener-1461.0-e82c34ca libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux kvm-cg2epc-gardener-1461.0-e82c34ca libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux metal-cilium-k3s-osc-vhost-1461.0-e82c34ca libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux metal-cilium-k3s-osc-1461.0-e82c34ca libxml2 2.9.14+dfsg-1.3+b2 true
gardenlinux kvm-cilium-k3s-1504.0-6aac186b libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-gardener-1504.0-6aac186b libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-cg2epc-gardener-1504.0-6aac186b libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux metal-cilium-k3s-osc-vhost-1504.0-6aac186b libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux metal-cilium-k3s-osc-1504.0-6aac186b libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-cilium-k3s-1510.0-0eb2d8b0 libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-gardener-1510.0-0eb2d8b0 libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-cg2epc-gardener-1510.0-0eb2d8b0 libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux metal-cilium-k3s-osc-vhost-1510.0-0eb2d8b0 libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux metal-cilium-k3s-osc-1510.0-0eb2d8b0 libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-cilium-k3s-1569.0-5a8afbfa libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-gardener-1569.0-5a8afbfa libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-cg2epc-gardener-1569.0-5a8afbfa libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux metal-cilium-k3s-osc-vhost-1569.0-5a8afbfa libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux metal-cilium-k3s-osc-1569.0-5a8afbfa libxml2 2.9.14+dfsg-1.3+b3 true
gardenlinux kvm-cilium-k3s-1605.0-490ed850 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux kvm-gardener-1605.0-490ed850 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux metal-cilium-k3s-osc-vhost-1605.0-490ed850 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux metal-cilium-k3s-osc-1605.0-490ed850 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux kvm-cilium-k3s-1721.0-9802b525 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux kvm-gardener-1721.0-9802b525 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux metal-cilium-k3s-osc-ucode-vhost-1721.0-9802b525 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux metal-cilium-k3s-osc-ucode-1721.0-9802b525 libxml2 2.12.7+dfsg-3gardenlinux0 true
debian_linux 13 libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u2 true
debian_linux 12 libxml2 2.9.14+dfsg-1.3~deb12u5 true
gardenlinux metal-cilium-k3s-osc-router-ucode-1721.0-9802b525 libxml2 2.12.7+dfsg-3gardenlinux0 true
gardenlinux kvm-cilium-k3s-1862.0-6be879c6 libxml2 2.12.7+dfsg+really2.9.14-0.4gl0 true
gardenlinux kvm-gardener-1862.0-6be879c6 libxml2 2.12.7+dfsg+really2.9.14-0.4gl0 true
gardenlinux pt-gardener-nvgpu-1862.0-6be879c6 libxml2 2.12.7+dfsg+really2.9.14-0.4gl0 true
gardenlinux metal-cilium-k3s-osc-ucode-vhost-1862.0-6be879c6 libxml2 2.12.7+dfsg+really2.9.14-0.4gl0 true
gardenlinux metal-cilium-k3s-osc-ucode-1862.0-6be879c6 libxml2 2.12.7+dfsg+really2.9.14-0.4gl0 true
gardenlinux metal-cilium-k3s-osc-router-ucode-1862.0-6be879c6 libxml2 2.12.7+dfsg+really2.9.14-0.4gl0 true
debian_linux 14 libxml2 2.15.1+dfsg-2 true