Address Space Layout Randomization (ASLR)

E427682

Address Space Layout Randomization (ASLR) is a security technique that randomly arranges the memory addresses used by key data areas of a process to make it harder for attackers to predict and exploit them.

All labels observed (3)

How this entity was disambiguated

Statements (48)

Predicate Object
instanceOf exploit mitigation
memory protection mechanism
security technique
abbreviation ASLR
aimsTo increase difficulty of code execution attacks
make memory layout unpredictable
mitigate memory corruption exploits
canBeBypassedBy information leakage vulnerabilities
memory disclosure bugs
classifiedAs software security mechanism
doesNotPrevent logic bugs
non-control-data attacks
effectivenessDependsOn amount of entropy in address space
frequency of re-randomization
hasVariant fine-grained ASLR
per-execution randomization
per-load randomization
position-independent executables
introducedIn Linux kernel 2.6 era
isComplementedBy Data Execution Prevention NERFINISHED
control-flow integrity
stack canaries
isComponentOf defense in depth strategies
isLimitedBy 32-bit address space size
isMoreEffectiveOn 64-bit architectures
isStandardizedIn various operating system security configurations
operatesOn process address space
virtual memory layout
randomizes base addresses of executable images
base addresses of shared libraries
heap base address
memory-mapped regions
stack base address
reduces effectiveness of buffer overflow exploits
reliability of jump-oriented programming attacks
reliability of return-oriented programming attacks
requires relocation-capable binaries for full effectiveness
support from hardware memory management unit
support from operating system
supportedBy Android NERFINISHED
Linux NERFINISHED
Windows NERFINISHED
iOS NERFINISHED
macOS NERFINISHED
targets arbitrary code execution attacks
remote code execution attacks
uses entropy in address space layout
randomization of address offsets

How these facts were elicited

Referenced by (3)

Full triples — surface form annotated when it differs from this entity's canonical label.

FreeBSD supportsSecurityFeature Address Space Layout Randomization (ASLR)
Linux kernel hardening usesMechanism Address Space Layout Randomization (ASLR)
this entity surface form: ASLR (Address Space Layout Randomization)
Linux kernel hardening usesMechanism Address Space Layout Randomization (ASLR)
this entity surface form: KASLR (Kernel Address Space Layout Randomization)