OpenSSL HollowByte DoS can lock server memory via 11-byte TLS packets
Source headline: OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests
Intelligence Summary
Okta describes a denial-of-service issue in unpatched OpenSSL implementations that can freeze a server’s allocated memory. By sending a crafted TLS request containing only 11 bytes, an attacker can cause the server to reserve up to about 131 KB for a message that never completes. On glibc systems tested by Okta, that memory remains unavailable until the process restarts. OpenSSL reportedly shipped a fix in June without a CVE, advisory, or clear changelog entry pointing to the problem. If you run OpenSSL-based services, verify you are on a patched version and monitor for unusual TLS handshake patterns.
Recommended Action
Prioritize immediate review, validate exposure, and patch or mitigate affected systems.