Fedora Account System
Red Hat Associate
Red Hat Customer
Uncontrolled recursion vulnerability in the RelaxNG include handling logic of the libxml2 XML parsing library. The issue arises from the absence of limits on recursive <include> directive resolution. When a deeply nested chain of included RelaxNG schema files is processed, the parser enters unbounded recursion, eventually exhausting the system call stack. This results in a stack overflow and application crash. Exploitation requires attacker-controlled schema input and primarily impacts availability by causing a denial of service.