diff --git a/pkg/webhook/operatingsystemconfig/ensurer_test.go b/pkg/webhook/operatingsystemconfig/ensurer_test.go
index 7ad783f5..d06fee54 100644
--- a/pkg/webhook/operatingsystemconfig/ensurer_test.go
+++ b/pkg/webhook/operatingsystemconfig/ensurer_test.go
@@ -346,6 +346,19 @@ func getRsyslogFiles(rsyslogConfig []byte, useExpectedContent bool) []extensions
 				},
 			},
 		},
+		{
+			Path:        "/etc/systemd/system/rsyslog.service.d/10-shoot-rsyslog-relp-memory-limits.conf",
+			Permissions: ptr.To(int32(0644)),
+			Content: extensionsv1alpha1.FileContent{
+				Inline: &extensionsv1alpha1.FileContentInline{
+					Data: getBasedOnCondition(useExpectedContent, `[Service]
+MemoryMin=15M
+MemoryHigh=150M
+MemoryMax=300M
+MemorySwapMax=0`, "old"),
+				},
+			},
+		},
 	}
 }
 
diff --git a/pkg/webhook/operatingsystemconfig/rsyslog.go b/pkg/webhook/operatingsystemconfig/rsyslog.go
index 711e8642..0a731b7b 100644
--- a/pkg/webhook/operatingsystemconfig/rsyslog.go
+++ b/pkg/webhook/operatingsystemconfig/rsyslog.go
@@ -31,6 +31,8 @@ const (
 	rsyslogTLSDir        = "/etc/ssl/rsyslog"
 	rsyslogTLSFromOSCDir = rsyslogOSCDir + "/tls"
 
+	rsyslogServiceMemoryLimitsDropInPath = "/etc/systemd/system/rsyslog.service.d/10-shoot-rsyslog-relp-memory-limits.conf"
+
 	rsyslogConfigPath              = "/etc/rsyslog.d/60-audit.conf"
 	rsyslogConfigFromOSCPath       = rsyslogOSCDir + "/rsyslog.d/60-audit.conf"
 	configureRsyslogScriptPath     = rsyslogOSCDir + "/configure-rsyslog.sh"
@@ -159,6 +161,19 @@ func getRsyslogFiles(rsyslogRelpConfig *rsyslog.RsyslogRelpConfig, cluster *exte
 				},
 			},
 		},
+		{
+			Path:        rsyslogServiceMemoryLimitsDropInPath,
+			Permissions: ptr.To(int32(0644)),
+			Content: extensionsv1alpha1.FileContent{
+				Inline: &extensionsv1alpha1.FileContentInline{
+					Data: `[Service]
+MemoryMin=15M
+MemoryHigh=150M
+MemoryMax=300M
+MemorySwapMax=0`,
+				},
+			},
+		},
 	}...)
 
 	return rsyslogFiles, nil