1.5.3 Ensure address space layout randomization (ASLR) is enabled

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Randomly placing virtual memory regions will make it difficult to write memory page exploits as the memory placement will be consistently shifting.

Solution

Set the following parameter in the /etc/sysctl.conf file: kernel.randomize_va_space = 2 Run the following command to set the active kernel parameter: # sysctl -w kernel.randomize_va_space=2

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CSCv6|3.1

Plugin: Unix

Control ID: 14fdd2241a5e2daba2f2a496ee617fefa97f390ea0f41154072712ba41d4c30e