VMTech
+381 11 4183 54024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

OpenSSL HollowByte: 11 bytes can pin server memory and trigger DoS

OpenSSL HollowByte: 11 bytes can pin server memory and trigger DoS

Colleagues, I’d like to flag a cyber security and TLS issue: OpenSSL has disclosed HollowByte.

Key takeaways:
• As little as 11 bytes in a TLS request can force a server to allocate up to 131 KB of memory.
• On glibc-based systems, this memory may not be released until the process is restarted.
• A fix is already available in releases 4.0.1, 3.6.3, 3.5.7, 3.4.6 and 3.0.21, released on 9 June.
• There is still no CVE, advisory, or changelog note.

Why it matters: standard connection controls may not be enough, so updating and restarting now is critical.

Have you checked which OpenSSL versions are deployed across your infrastructure?

#cybersecurity #OpenSSL #TLS #Vulnerability

Current metrics
0Views
0Reach
0Likes
0Comments
0Saved
0Shares

Latest comments

No comments yet.

Instagram

OpenSSL HollowByte: 11 bytes can pin server memory and trigger DoS

Open the post on Instagram ↗