AlmaLinux OS 9 must implement address space layout randomization (ASLR) to protect its memory from unauthorized code execution.

STIG ID: ALMA-09-044900  |  SRG: SRG-OS-000433-GPOS-00193 |  Severity: medium |  CCI: CCI-002824 |  Vulnerability Id: V-269452

Vulnerability Discussion

ASLR makes it more difficult for an attacker to predict the location of attack code they have introduced into a process' address space during an attempt at exploitation.

Additionally, ASLR makes it more difficult for an attacker to know the location of existing code to repurpose it using return oriented programming (ROP) techniques.

Check

Verify AlmaLinux OS 9 is implementing ASLR with the following command:

$ sysctl kernel.randomize_va_space

kernel.randomize_va_space = 2

If "kernel.randomize_va_space" is not set to "2", or is missing, this is a finding.

Fix

Configure the system to enable ASLR with the following command:

$ echo 'kernel.randomize_va_space = 2' > /etc/sysctl.d/60-aslr.conf

Reload settings from all system configuration files with the following command:

$ sysctl --system
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.