{ads}

OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests



July 18, 2026 at 01:50AM

Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts. OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry pointing at it. Okta's Red Team, which reported the denial-of-service bug and named it, published the

from The Hacker News https://ift.tt/dgDSsah

0 Response to "OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads