Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat

OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat

Posted on July 17, 2026 By CWS

A critical vulnerability in OpenSSL, named ‘HollowByte’, has been identified, allowing attackers to initiate a denial-of-service (DoS) attack with a payload of only 11 bytes. This flaw, uncovered by the Okta Red Team, exploits the way OpenSSL manages memory allocation during the TLS handshake, effectively enabling attackers to exhaust server resources before authentication.

Understanding the ‘HollowByte’ Vulnerability

The vulnerability lies in the initial stage of the TLS handshake, where a ClientHello message, containing a 4-byte header, prompts OpenSSL to allocate a receive buffer based on the declared size. Older OpenSSL versions allocate memory without validating the actual data, enabling a crafted 11-byte payload to trigger extensive memory allocation.

This process, involving functions like grow_init_buf() and OPENSSL_clear_realloc(), leads to the allocation of up to 131 KB of memory based on the attacker’s input. Consequently, server threads become indefinitely blocked, awaiting data that never arrives, aggravating the server’s vulnerability to connection-exhaustion attacks.

Impact on Internet Infrastructure

Traditional attacks such as Slowloris exploit open connections to deplete server resources. ‘HollowByte’ exacerbates this issue by inducing memory fragmentation, particularly impacting how glibc handles memory. When an attacker’s connection drops, OpenSSL frees the buffer, but glibc’s memory retention strategy prevents immediate resource recovery, resulting in continuous memory consumption.

Testing by the Okta Red Team demonstrated severe implications: in a 1 GB RAM environment, servers experienced out-of-memory termination after consuming 547 MB of fragmented memory. On a 16 GB system, attackers locked 25% of total memory, bypassing standard connection limits. This vulnerability’s reach extends to numerous internet frameworks, including NGINX, Apache, language runtimes, and databases.

Mitigation Measures and Future Outlook

OpenSSL has addressed this issue by implementing incremental buffer growth, ensuring that memory allocation only scales with actual data arrival. This fix has been integrated into OpenSSL version 4.0.1 and backported to earlier versions. However, the absence of a formal CVE advisory may leave many organizations unaware, necessitating proactive security measures.

Organizations are advised to upgrade their OpenSSL implementations to version 4.0.1 or relevant backports. Additionally, they should audit embedded OpenSSL versions within runtimes like Node.js and Python, as OS-level patches may not suffice. Monitoring for memory bloat on TLS-terminating servers can also help detect potential fragmentation attacks.

Ensuring robust defenses against ‘HollowByte’ is crucial, given OpenSSL’s widespread use. Security teams should prioritize these updates to mitigate potential threats effectively.

Cyber Security News Tags:Cybersecurity, denial of service, HollowByte, memory allocation, Okta Red Team, OpenSSL, patching OpenSSL, security vulnerability, TLS Handshake, web servers

Post navigation

Previous Post: OpenSSL Vulnerability Causes Memory Freeze with Minimal Data
Next Post: Critical WordPress Flaw Allows Code Execution

Related Posts

NCSC Warns of Hacktivist Groups Attacking UK Organisations and Online Services NCSC Warns of Hacktivist Groups Attacking UK Organisations and Online Services Cyber Security News
ModHeader Chrome Extension Pulled for Data Exfiltration Risk ModHeader Chrome Extension Pulled for Data Exfiltration Risk Cyber Security News
Enhancing macOS Security: Closing Gaps by 2026 Enhancing macOS Security: Closing Gaps by 2026 Cyber Security News
CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks Cyber Security News
VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root Cyber Security News
Lessons Learned from Massive npm Supply Chain Attack Using “Shai-Hulud” Self-Replicating Malware Lessons Learned from Massive npm Supply Chain Attack Using “Shai-Hulud” Self-Replicating Malware Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AI Tool Revolutionizes Automated Penetration Testing
  • Critical WordPress Flaw Allows Code Execution
  • OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat
  • OpenSSL Vulnerability Causes Memory Freeze with Minimal Data
  • EY Faces Data Breach: IT System Compromised

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AI Tool Revolutionizes Automated Penetration Testing
  • Critical WordPress Flaw Allows Code Execution
  • OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat
  • OpenSSL Vulnerability Causes Memory Freeze with Minimal Data
  • EY Faces Data Breach: IT System Compromised

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark