Address Space Layout Randomization (ASLR)

Address space layout randomization (ASLR) mitigates against binary exploitation attacks by randomizing the address offsets of program segments and shared libraries, which increases the difficulty of redirection. Enabling ASLR in the OS only randomizes the placement of stack, heap, and shared libraries by default; the .text section is only randomized if the binary is also compiled with -fPIE (position-independent code).

To check if ASLR is enabled, run cat /proc/sys/kernel/randomize_va_space

0: Disabled
1: Only the positions of stack, vDSO, and shared memory is randomized. The data segment is placed immediately after executable code segment.
2: (Default) Randomize the above and the data segment..
https://security.stackexchange.com/questions/18556/how-do-aslr-and-dep-work

Security Memo

Recent Notes

SMART

Bossa Nova

ZFS

post-rock

2024-09-27

Address Space Layout Randomization (ASLR)

Graph View

Sources

Backlinks