The system must use available memory address randomization techniques.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22576 | GEN008420 | SV-63197r1_rule | Low |
| Description |
|---|
| Successful exploitation of buffer overflow vulnerabilities relies in some measure to having a predictable address structure of the executing program. Address randomization techniques reduce the probability of a successful exploit. |
| STIG | Date |
|---|---|
| Oracle Linux 5 Security Technical Implementation Guide | 2020-02-25 |
Details
| Check Text ( C-51921r2_chk ) |
|---|
| Check that the "kernel.randomize_va_space" kernel parameter is set to "2" in /etc/sysctl.conf. Procedure: # grep ^kernel\.randomize_va_space /etc/sysctl.conf | awk -F= '{ print $2 }' If there is no value returned or if a value is returned that is not "2", this is a finding. |
| Fix Text (F-53775r3_fix) |
|---|
| Edit (or add if necessary) the entry in /etc/sysctl.conf for the "kernel.randomize_va_space" kernel parameter. Ensure this parameter is set to "2" as in: kernel.randomize_va_space = 2 If this was not already the default, reboot the system for the change to take effect. |