OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests

Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts.

OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry pointing at it. Okta’s Red Team, which reported the denial-of-service bug and named it, published the

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Launch HN: Agnost AI (YC S26) – Extract user feedback from agent conversations

Launch HN: Agnost AI (YC S26) – Extract user feedback from agent conversations Source: Hacker News

Semiconductor Lifeline Keeps Fighter Jets in the Air

Semiconductor Lifeline Keeps Fighter Jets in the Air Source: Hacker News

OfficeCLI: Office suite for AI agents to read and edit Microsoft Office files

OfficeCLI: Office suite for AI agents to read and edit Microsoft Office files Source: Hacker News