4 matches found
CVE-2025-25199
go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...
CVE-2025-25199
go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...
CVE-2025-25199
CVE-2025-25199 concerns the go-crypto-winnative Go crypto backend for Windows (CNG). Root cause: prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF did not release the key handle, causing a small memory leak per use. The fix is included in the Microsoft Go builds of ve...
CVE-2025-25199 BCryptGenerateSymmetricKey memory leak
go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...