Memory-Leak

🟠 High | Source: Microsoft Security Response Center A memory leak vulnerability in the Go standard library’s SSH package (golang.org/x/crypto/ssh) can be triggered when SSH channels are rejected, potentially allowing an attacker to exhaust server memory and cause a Denial of Service. This affects any service or application built with the affected Go crypto library, including Azure-hosted workloads. Because SSH is a foundational protocol for remote access and automation, the blast radius across cloud infrastructure can be significant. ...

🟢 Low | Source: Microsoft Security Response Center CVE-2025-1149 is a memory leak vulnerability in the GNU Binutils linker tool (ld), specifically within the xstrdup function in xmalloc.c. While memory leaks can cause service instability or denial of service, this issue has been flagged by Microsoft in the context of Azure, suggesting relevance to workloads or toolchains running on Azure infrastructure. The practical security impact is generally low unless an attacker can trigger repeated allocations to exhaust memory resources. ...