Large overnight size increase of com.ubuntu.xenial.cve.oval.xml

There seems to be a lot of duplication of tests:

$ grep dpkginfo_test com.ubuntu.xenial.cve.oval.xml | grep -e "Does the '.*'" -o | sort | uniq -c | sort -n -r | head
   1216 Does the 'linux-image-4.15.0-48-lowlatency' package exist and is the version less than '4.8.0-36.36~16.04.1'
   1216 Does the 'linux-image-4.15.0-48-generic' package exist and is the version less than '4.8.0-36.36~16.04.1'
   1122 Does the 'linux-image-3.4.0-7-mako'
   1122 Does the 'linux-image-3.4.0-5-flo'
    890 Does the 'linux-image-4.4.0-146-lowlatency' package exist and is the version less than '4.2.0-16.19'
    890 Does the 'linux-image-4.4.0-146-generic' package exist and is the version less than '4.2.0-16.19'
    866 Does the 'libqtwebkit4'
    866 Does the 'libqtwebkit-qmlwebkitplugin'
    843 Does the 'linux-image-3.4.0-4-goldfish'
    608 Does the 'linux-image-virtual-hwe-16.04' package exist and is the version less than '4.8.0.36'

So there are for example 1216 copies of tests checking Does the 'linux-image-4.15.0-48-lowlatency' package exist and is the version less than '4.8.0-36.36~16.04.1'

Also running `oscap oval validate` on the file crashed as oscap depleted the system memory.

Thanks for reporting this issue.
It has been more than two years since this was reported, so I believe this might not be a problem anymore and since you mentioned this oscap could not validate it, it could be a one-of corrupted file.
Also this bug doesn't relate at all to openscap package itself, therefore if you have any issues with OVAL files I recommend trying to send an email to <email address hidden> and we will take a look for sure.