EulerOS Virtualization 2.13.1 : libxml2 (EulerOS-SA-2026-2139)

🗓️ 06 Jun 2026 00:00:00Reported by TenableType

Libxml2 flaws on EulerOS Virtualization 2.13.1 risk denial of service via xmllint memory leak and XML catalog issues.

Reporter	Title	Published	Views	Family All 194
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libxml2 (CVE-2026-0989, CVE-2026-0990, CVE-2026-0992) affect AIX	28 May 202621:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)	29 Jan 202613:44	–	ibm
Tenable Nessus	AIX : Multiple Vulnerabilities (IJ58122)	3 Jun 202600:00	–	nessus
Tenable Nessus	AIX : Multiple Vulnerabilities (IJ58124)	3 Jun 202600:00	–	nessus
Tenable Nessus	AIX : Multiple Vulnerabilities (IJ58140)	3 Jun 202600:00	–	nessus
Tenable Nessus	AIX : Multiple Vulnerabilities (IJ58306)	3 Jun 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1396)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1397)	5 Feb 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1446)	6 Mar 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libxml2, --advisory ALAS2-2026-3144 (ALAS-2026-3144)	5 Feb 202600:00	–	nessus

Source	Link
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(319456);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/06");

  script_cve_id(
    "CVE-2026-0989",
    "CVE-2026-0990",
    "CVE-2026-0992",
    "CVE-2026-1757"
  );
  script_xref(name:"IAVA", value:"2025-A-0840-S");

  script_name(english:"EulerOS Virtualization 2.13.1 : libxml2 (EulerOS-SA-2026-2139)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host
is affected by the following vulnerabilities :

    A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where
    memory allocated for user input is not properly released under certain conditions. When a user submits
    input consisting only of whitespace, the program skips command execution but fails to free the allocated
    buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system
    memory and terminate the xmllint process, creating a denial-of-service condition on the local
    system.(CVE-2026-1757)

    A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when
    processing XML catalogs that contain repeated nextCatalog elements pointing to the same downstream
    catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to
    redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application
    availability, resulting in a denial-of-service condition.(CVE-2026-0992)

    A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in
    the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references
    itself. A remote attacker could exploit this configuration-dependent issue by providing a specially
    crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a
    segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.(CVE-2026-0990)

    A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are
    handled. The parser does not enforce a limit on inclusion depth when resolving nested include
    directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This
    may lead to stack exhaustion and application crashes, creating a denial-of-service risk.(CVE-2026-0989)

Tenable has extracted the preceding description block directly from the EulerOS Virtualization libxml2 security
advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2026-2139
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0d20e22f");
  script_set_attribute(attribute:"solution", value:
"Update the affected libxml2 packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-0990");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2026-1757");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/11/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/06/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/06");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libxml2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-libxml2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.13.1");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "2.13.1") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.13.1");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

var flag = 0;

var pkgs = [
  "libxml2-2.9.14-9.h19.eulerosv2r13",
  "python3-libxml2-2.9.14-9.h19.eulerosv2r13"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxml2");
}

06 Jun 2026 00:00Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.16.2

EPSS0.00088

SSVC