Detections
Analytics

1.33 RHEL-09-213070

Information

RHEL 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.

GROUP ID: V-257809
RULE ID: SV-257809r1044866

Address space layout randomization (ASLR) makes it more difficult for an attacker to predict the location of attack code they have introduced into a process' address space during an attempt at exploitation. Additionally, ASLR makes it more difficult for an attacker to know the location of existing code in order to repurpose it using return oriented programming (ROP) techniques.

Satisfies: SRG-OS-000433-GPOS-00193, SRG-OS-000480-GPOS-00227

Solution

Add or edit the following line in a system configuration file in the "/etc/sysctl.d/" directory:

kernel.randomize_va_space = 2

Reload settings from all system configuration files with the following command:

$ sudo sysctl --system

See Also

https://workbench.cisecurity.org/benchmarks/22008

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-16, CAT|II, CCI|CCI-002824, Rule-ID|SV-257809r1044866_rule, STIG-ID|RHEL-09-213070, Vuln-ID|V-257809

Plugin: Unix

Control ID: ee06368fb4fc9186b35d81f6d39e002cd1893bb7d0ba01902a71113a0c834db4