Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat

OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat

Posted on July 17, 2026 By CWS

A critical vulnerability in OpenSSL, named ‘HollowByte’, has been identified, allowing attackers to initiate a denial-of-service (DoS) attack with a payload of only 11 bytes. This flaw, uncovered by the Okta Red Team, exploits the way OpenSSL manages memory allocation during the TLS handshake, effectively enabling attackers to exhaust server resources before authentication.

Understanding the ‘HollowByte’ Vulnerability

The vulnerability lies in the initial stage of the TLS handshake, where a ClientHello message, containing a 4-byte header, prompts OpenSSL to allocate a receive buffer based on the declared size. Older OpenSSL versions allocate memory without validating the actual data, enabling a crafted 11-byte payload to trigger extensive memory allocation.

This process, involving functions like grow_init_buf() and OPENSSL_clear_realloc(), leads to the allocation of up to 131 KB of memory based on the attacker’s input. Consequently, server threads become indefinitely blocked, awaiting data that never arrives, aggravating the server’s vulnerability to connection-exhaustion attacks.

Impact on Internet Infrastructure

Traditional attacks such as Slowloris exploit open connections to deplete server resources. ‘HollowByte’ exacerbates this issue by inducing memory fragmentation, particularly impacting how glibc handles memory. When an attacker’s connection drops, OpenSSL frees the buffer, but glibc’s memory retention strategy prevents immediate resource recovery, resulting in continuous memory consumption.

Testing by the Okta Red Team demonstrated severe implications: in a 1 GB RAM environment, servers experienced out-of-memory termination after consuming 547 MB of fragmented memory. On a 16 GB system, attackers locked 25% of total memory, bypassing standard connection limits. This vulnerability’s reach extends to numerous internet frameworks, including NGINX, Apache, language runtimes, and databases.

Mitigation Measures and Future Outlook

OpenSSL has addressed this issue by implementing incremental buffer growth, ensuring that memory allocation only scales with actual data arrival. This fix has been integrated into OpenSSL version 4.0.1 and backported to earlier versions. However, the absence of a formal CVE advisory may leave many organizations unaware, necessitating proactive security measures.

Organizations are advised to upgrade their OpenSSL implementations to version 4.0.1 or relevant backports. Additionally, they should audit embedded OpenSSL versions within runtimes like Node.js and Python, as OS-level patches may not suffice. Monitoring for memory bloat on TLS-terminating servers can also help detect potential fragmentation attacks.

Ensuring robust defenses against ‘HollowByte’ is crucial, given OpenSSL’s widespread use. Security teams should prioritize these updates to mitigate potential threats effectively.

Cyber Security News Tags:Cybersecurity, denial of service, HollowByte, memory allocation, Okta Red Team, OpenSSL, patching OpenSSL, security vulnerability, TLS Handshake, web servers

Post navigation

Previous Post: OpenSSL Vulnerability Causes Memory Freeze with Minimal Data

Related Posts

WhatsApp Develops Built-In Cloud Backup with Encryption WhatsApp Develops Built-In Cloud Backup with Encryption Cyber Security News
Online PDF Editors Safe to Use? Detailed Analysis of Security Risks Associated With It Online PDF Editors Safe to Use? Detailed Analysis of Security Risks Associated With It Cyber Security News
State-Sponsored Actors Hijacked Notepad++ Update to Redirect Users to Malicious Servers State-Sponsored Actors Hijacked Notepad++ Update to Redirect Users to Malicious Servers Cyber Security News
Microsoft Investigating Boot Failure Issues With Windows 11, version 25H2 Following January Update Microsoft Investigating Boot Failure Issues With Windows 11, version 25H2 Following January Update Cyber Security News
Akira Ransomware Uses Windows Drivers to Bypass AV/EDR in SonicWall Attacks Akira Ransomware Uses Windows Drivers to Bypass AV/EDR in SonicWall Attacks Cyber Security News
New HTTP Smuggling Attack Technique Let Hackers Inject Malicious Requests New HTTP Smuggling Attack Technique Let Hackers Inject Malicious Requests Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat
  • OpenSSL Vulnerability Causes Memory Freeze with Minimal Data
  • EY Faces Data Breach: IT System Compromised
  • Malicious Vite npm Packages Exploit Blockchain for Cyberattack
  • Ransomware Disrupts Fairlife Production in U.S.

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat
  • OpenSSL Vulnerability Causes Memory Freeze with Minimal Data
  • EY Faces Data Breach: IT System Compromised
  • Malicious Vite npm Packages Exploit Blockchain for Cyberattack
  • Ransomware Disrupts Fairlife Production in U.S.

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark