Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-22576 | GEN008420 | SV-63197r1_rule | ECSC-1 | Low |
Description |
---|
Successful exploitation of buffer overflow vulnerabilities relies in some measure on the executing program having a predictable address structure. Address randomization techniques reduce the probability of a successful exploit. |
STIG | Date |
---|---|
Oracle Linux 5 Security Technical Implementation Guide | 2015-06-05 |
Check Text (C-51921r2_chk) |
---|
Check that the "kernel.randomize_va_space" kernel parameter is set to "2" in /etc/sysctl.conf. Procedure: # grep ^kernel\.randomize_va_space /etc/sysctl.conf | awk -F= '{ print $2 }' If there is no value returned or if a value is returned that is not "2", this is a finding. |
Fix Text (F-53775r3_fix) |
---|
Edit (or add if necessary) the entry in /etc/sysctl.conf for the "kernel.randomize_va_space" kernel parameter. Ensure this parameter is set to "2" as in: kernel.randomize_va_space = 2 If this was not already the default, reboot the system for the change to take effect. |
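
The check above, as an added shell example (not part of the STIG text): it tolerates whitespace around the key and the "=", ignores commented-out lines, and uses the last assignment in the file, since sysctl applies lines in order. The function names are hypothetical, the sample file is constructed, and comparing against /proc/sys/kernel/randomize_va_space is an addition that covers the reboot caveat in the fix text.

```shell
# check_aslr_conf FILE: print the configured value; return 0 only if it is 2.
check_aslr_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "unreadable: $conf"; return 2; }
    # Last uncommented assignment wins; strip spaces and tabs from the value.
    val=$(awk -F= '
        /^[ \t]*kernel\.randomize_va_space[ \t]*=/ {
            v = $2; gsub(/[ \t]/, "", v); last = v
        }
        END { print last }' "$conf")
    if [ -z "$val" ]; then
        echo "not set"
        return 1
    fi
    echo "$val"
    [ "$val" = "2" ]
}

# check_aslr_running [PROCFILE]: return 0 only if the running kernel value is 2.
# A compliant config file with a non-compliant running value means the setting
# has not been applied yet.
check_aslr_running() {
    proc=${1:-/proc/sys/kernel/randomize_va_space}
    [ -r "$proc" ] || return 2
    [ "$(cat "$proc")" = "2" ]
}

# Constructed sample: a later line overrides an earlier compliant one.
sample=$(mktemp)
printf 'kernel.randomize_va_space = 2\nkernel.randomize_va_space=1\n' > "$sample"
check_aslr_conf "$sample" || echo "finding: GEN008420"
rm -f "$sample"
```
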