Address Space Layout Randomization (ASLR)
GPTKB entity
Statements (51)
Predicate | Object |
---|---|
gptkbp:instanceOf |
security technique
|
gptkbp:abbreviation |
gptkb:ASLR
|
gptkbp:canBeBypassedBy |
brute force
information disclosure vulnerabilities low entropy |
gptkbp:category |
operating system security
exploit mitigation |
gptkbp:compatibleWith |
older operating systems
|
gptkbp:defaultIn |
gptkb:Windows_Vista_and_later
gptkb:Linux_kernel_2.6.12_and_later gptkb:macOS_10.5_and_later |
gptkbp:documentedIn |
Apple developer documentation
Linux kernel documentation Microsoft Security Development Lifecycle PaX documentation |
gptkbp:effect |
depends on entropy
reduced by information leaks |
https://www.w3.org/2000/01/rdf-schema#label |
Address Space Layout Randomization (ASLR)
|
gptkbp:implementedIn |
gptkb:Android
gptkb:Windows gptkb:iOS gptkb:macOS gptkb:Linux |
gptkbp:improves |
system security
complexity of attacks |
gptkbp:introducedIn |
gptkb:PaX_patch_for_Linux
2001 |
gptkbp:limitation |
reliability of exploits
|
gptkbp:notEffectiveAgainst |
address space is predictable
information leak exists |
gptkbp:purpose |
mitigate buffer overflow attacks
increase difficulty of exploitation |
gptkbp:randomChance |
heap
stack shared libraries executable base address memory address space |
gptkbp:recommendation |
security best practices
|
gptkbp:relatedTo |
gptkb:Data_Execution_Prevention_(DEP)
stack canaries Control Flow Integrity (CFI) |
gptkbp:requires |
support from application
support from hardware support from operating system |
gptkbp:standardizedBy |
gptkb:PaX_project
|
gptkbp:usedBy |
modern operating systems
|
gptkbp:usedIn |
computer security
|
gptkbp:vulnerableTo |
brute force attacks
memory disclosure attacks |
gptkbp:bfsParent |
gptkb:Data_Execution_Prevention_(DEP)
|
gptkbp:bfsLayer |
7
|