Skip to content
The Nexus
SECURITYJul 17 · 20:20 UTCTHE HACKER NEWS[email protected] (The Hacker News)

OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests

An OpenSSL vulnerability named HollowByte allows 11-byte TLS requests to allocate up to 131 KB of server memory that remains reserved until the process restarts. Okta's Red Team discovered and reported the denial-of-service bug, which was patched in June without a CVE identifier, security advisory, or changelog entry.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting