ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
A vulnerability named HollowByte lets unauthenticated attackers trigger a denial-of-service condition on OpenSSL servers with an 11-byte payload. The flaw causes the server to allocate memory for a message that never arrives, and on glibc systems the memory is not freed until the process restarts. OpenSSL fixed the issue in versions 4.0.1, 3.6.3, 3.5.7, 3.4.6, and 3.0.21 without assigning a CVE or advisory.
Tap to vote and see what everyone thinks.
Summary by ByteBrief