SUSE CVE-2025-25199

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

Memory Leakage

go-crypto-winnative is vulnerable to a Memory Leakage. The vulnerability is due to improper resource management due to failure to release the key handle in cng.TLS1PRF, causing a small memory leak on each call...

go-crypto-winnative BCryptGenerateSymmetricKey memory leak

Calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time...

AZL-79122 CVE-2025-25199 affecting package golang 1.25.7-1

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

CVE-2025-25199 BCryptGenerateSymmetricKey memory leak

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...