HeartBleed Attack Explained

c0D3M
2 min read · Oct 3, 2019


TLS (and DTLS) has a Heartbeat extension, defined in RFC 6520.
Its purpose is to keep a secure connection alive, and to confirm that the peer is still there, while no application data is flowing. Tearing the connection down and doing a fresh handshake each time would cost a full round of asymmetric cryptography and extra round trips, which hurts both performance and usability; a small heartbeat message is far cheaper.

HeartBleed Vulnerability Logo https://en.wikipedia.org/wiki/Heartbleed

How the Heartbeat extension works

It is a simple request/response exchange. One peer sends a HeartbeatRequest consisting of a one-byte type, a 16-bit payload_length field (so at most 2¹⁶ − 1 = 65535), the payload itself, and at least 16 bytes of padding. The receiving peer is expected to answer with a HeartbeatResponse that echoes the same payload.

RFC 6520 requires the receiver to silently discard any message whose payload_length does not fit within the record it actually received. OpenSSL 1.0.1 through 1.0.1f never performed that check. An attacker can therefore send a request with, say, a 1-byte payload and payload_length set to 65535. The vulnerable code copies payload_length bytes starting at the payload pointer into the response, reading far past the few bytes that arrived and into whatever else happens to sit in the process heap. Each such request can return up to about 64 KB of memory and can be repeated as often as the attacker likes. The leaked memory can contain private keys, session keys, session tickets, cookies, plaintext passwords and other data the process recently handled. The bug works in both directions (a malicious server can read a vulnerable client's memory too), and because the request is a well-formed TLS record it leaves nothing in the application log.

A malicious heartbeat request https://www.theregister.co.uk/2014/04/09/heartbleed_explained/
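The following C program is an added illustration, not code from OpenSSL or from the original post. It re-implements the heartbeat parsing logic in the shape of OpenSSL's tls1_process_heartbeat over a simulated heap buffer, so the over-read can be observed safely: the `patched` flag switches on the RFC 6520 length check that the 1.0.1g fix added. The record layout follows RFC 6520; the "secret" string, its placement 100 bytes after the record, and the arena size are constructed for the demo and are assumptions, not real OpenSSL memory layout.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TLS1_HB_REQUEST  1
#define TLS1_HB_RESPONSE 2
#define HB_PADDING       16   /* RFC 6520: padding is at least 16 bytes */

/* Simulated process heap (constructed for the demo): the received heartbeat
 * record is placed at the front and unrelated data follows it. The arena is
 * large enough that a 65535-byte over-read stays inside it, so the demo is
 * well-defined C even while it models the bug. */
#define ARENA_SIZE 66000
static unsigned char heap_mem[ARENA_SIZE];
static unsigned char response[3 + 65535 + HB_PADDING];

/* Build a HeartbeatRequest: type(1) || payload_length(2) || payload || padding.
 * claimed_len goes into the length field; payload_len is what really follows. */
static size_t build_heartbeat(unsigned char *buf, uint16_t claimed_len,
                              const unsigned char *payload, size_t payload_len)
{
    buf[0] = TLS1_HB_REQUEST;
    buf[1] = (unsigned char)(claimed_len >> 8);
    buf[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(buf + 3, payload, payload_len);
    memset(buf + 3 + payload_len, 0, HB_PADDING);
    return 3 + payload_len + HB_PADDING;   /* bytes that "arrived on the wire" */
}

/* Heartbeat handling in the shape of OpenSSL's tls1_process_heartbeat.
 * rec_len is the length of the TLS record that actually arrived.
 * patched == 0: the claimed payload_length is trusted (CVE-2014-0160).
 * patched == 1: the RFC 6520 bounds check from the 1.0.1g fix is applied.
 * Returns the number of payload bytes echoed, or -1 if the record is discarded. */
static long process_heartbeat(const unsigned char *rec, size_t rec_len,
                              unsigned char *resp, size_t resp_cap, int patched)
{
    const unsigned char *p = rec;
    uint16_t payload_len;

    if (patched && rec_len < 1 + 2 + HB_PADDING)
        return -1;                            /* too short to hold a header */
    if (*p++ != TLS1_HB_REQUEST)
        return -1;
    payload_len = (uint16_t)((p[0] << 8) | p[1]);
    p += 2;

    /* The fix: header + claimed payload + padding must fit inside the record. */
    if (patched && (size_t)1 + 2 + payload_len + HB_PADDING > rec_len)
        return -1;                            /* silently discard per RFC 6520 */
    if ((size_t)3 + payload_len + HB_PADDING > resp_cap)
        return -1;

    resp[0] = TLS1_HB_RESPONSE;
    resp[1] = (unsigned char)(payload_len >> 8);
    resp[2] = (unsigned char)(payload_len & 0xff);
    /* Vulnerable path: copies payload_len bytes from p regardless of how many
     * bytes were received, reading past the record into adjacent heap memory. */
    memcpy(resp + 3, p, payload_len);
    memset(resp + 3 + payload_len, 0, HB_PADDING);
    return payload_len;
}

/* Portable byte-string search (memmem is a GNU extension). */
static int contains(const unsigned char *hay, size_t hay_len,
                    const unsigned char *needle, size_t needle_len)
{
    if (needle_len > hay_len)
        return 0;
    for (size_t i = 0; i + needle_len <= hay_len; i++)
        if (memcmp(hay + i, needle, needle_len) == 0)
            return 1;
    return 0;
}

/* Send a 1-byte heartbeat with the given claimed length to a receiver that has
 * a constructed secret sitting in memory shortly after the record.
 * Returns 1 if the secret came back in the response (the heartbeat bled),
 * 0 if only the real payload was echoed, -1 if the receiver discarded it. */
static int heartbleed_demo(int patched, uint16_t claimed_len)
{
    static const unsigned char secret[] = "session_ticket_key=constructed-demo-secret";
    memset(heap_mem, 'A', sizeof heap_mem);                    /* stale heap contents */
    size_t rec_len = build_heartbeat(heap_mem, claimed_len, (const unsigned char *)"X", 1);
    memcpy(heap_mem + rec_len + 100, secret, sizeof secret - 1); /* unrelated nearby data */

    long n = process_heartbeat(heap_mem, rec_len, response, sizeof response, patched);
    if (n < 0)
        return -1;
    return contains(response + 3, (size_t)n, secret, sizeof secret - 1);
}

int main(void)
{
    printf("vulnerable, payload_length=65535: %d  (1 = secret leaked)\n", heartbleed_demo(0, 65535));
    printf("patched,    payload_length=65535: %d  (-1 = record discarded)\n", heartbleed_demo(1, 65535));
    printf("patched,    payload_length=1:     %d  (0 = honest echo)\n", heartbleed_demo(1, 1));
    return 0;
}
```

Build with `cc -std=c99 -Wall heartbleed_demo.c -o heartbleed_demo`. The only difference between the two paths is the single comparison against rec_len; without it the 1-byte request comes back as a 65535-byte response carrying the neighbouring "secret", and with it the malformed record is dropped without any response, exactly as RFC 6520 prescribes.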

Mitigation:

Upgrade to OpenSSL 1.0.1g or later, where the missing bounds check was added and malformed heartbeats are discarded, or rebuild the affected version with -DOPENSSL_NO_HEARTBEATS, and then restart every service that has the library loaded. Because the leak leaves no trace, a host that ran a vulnerable version should be treated as potentially compromised: generate new private keys and reissue certificates, revoke the old ones, rotate session-ticket keys, invalidate existing sessions and reset credentials that may have passed through the process.

Reference:

CVE-2014-0160: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

RFC 6520 (TLS/DTLS Heartbeat Extension): https://www.rfc-editor.org/rfc/rfc6520
