Address Space Layout Randomization (ASLR)
GPTKB entity
Statements (51)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
security technique
|
| gptkbp:abbreviation |
gptkb:ASLR
|
| gptkbp:canBeBypassedBy |
brute force
information disclosure vulnerabilities low entropy |
| gptkbp:category |
operating system security
exploit mitigation |
| gptkbp:compatibleWith |
older operating systems
|
| gptkbp:defaultIn |
gptkb:Windows_Vista_and_later
gptkb:Linux_kernel_2.6.12_and_later gptkb:macOS_10.5_and_later |
| gptkbp:documentedIn |
Apple developer documentation
Linux kernel documentation Microsoft Security Development Lifecycle PaX documentation |
| gptkbp:effect |
depends on entropy
reduced by information leaks |
| https://www.w3.org/2000/01/rdf-schema#label |
Address Space Layout Randomization (ASLR)
|
| gptkbp:implementedIn |
gptkb:Android
gptkb:Windows gptkb:iOS gptkb:macOS gptkb:Linux |
| gptkbp:improves |
system security
complexity of attacks |
| gptkbp:introducedIn |
gptkb:PaX_patch_for_Linux
2001 |
| gptkbp:limitation |
reliability of exploits
|
| gptkbp:notEffectiveAgainst |
address space is predictable
information leak exists |
| gptkbp:purpose |
mitigate buffer overflow attacks
increase difficulty of exploitation |
| gptkbp:randomChance |
heap
stack shared libraries executable base address memory address space |
| gptkbp:recommendation |
security best practices
|
| gptkbp:relatedTo |
gptkb:Data_Execution_Prevention_(DEP)
stack canaries Control Flow Integrity (CFI) |
| gptkbp:requires |
support from application
support from hardware support from operating system |
| gptkbp:standardizedBy |
gptkb:PaX_project
|
| gptkbp:usedBy |
modern operating systems
|
| gptkbp:usedIn |
computer security
|
| gptkbp:vulnerableTo |
brute force attacks
memory disclosure attacks |
| gptkbp:bfsParent |
gptkb:Data_Execution_Prevention_(DEP)
|
| gptkbp:bfsLayer |
7
|