  • Misconfiguration Name
  • Address Space Layout Randomization (ASLR) is not enabled
  • Description
  • The success of many cyberattacks, particularly zero-day exploits, relies on the attacker's ability to know or guess the position of processes and functions in memory. To prevent this, enable Address Space Layout Randomization (ASLR), a memory-protection mechanism that randomizes the locations at which system executables are loaded into memory. An exploit that targets an incorrect address then causes the target application to crash, which prevents the attack. Fixing this misconfiguration will enable ASLR on your network endpoints.
  • Severity
  • important
  • Category
  • Linux - OS Security
  • Resolution
  • Follow the steps below to resolve the misconfiguration.
    Set the following parameter in /etc/sysctl.conf or a /etc/sysctl.d/* file:
        kernel.randomize_va_space = 2
    Run the following command to set the active kernel parameter:
        sysctl -w kernel.randomize_va_space=2
  • Potential issues that may arise after applying the resolution
  • Altering the existing security setting may create the following impact in your network operations.
  • Does remediation require reboot?
  • Yes
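
The two settings named in the Resolution (the persistent file entry and the active kernel parameter) can disagree, for example when a later file overrides the fix. The following check is an added example, not part of the catalog entry; the function names, status words and sample files are hypothetical, and it assumes the config files are passed in the order the host loads them.

```shell
#!/bin/sh
# Added example: audit kernel.randomize_va_space (persistent config vs. running kernel).

# Print the last value assigned to kernel.randomize_va_space in the given files.
# Assumption: files are passed in the order the host loads them, so the last
# assignment wins. Prints nothing if the key is never set.
configured_aslr() {
    for f in "$@"; do
        if [ -r "$f" ]; then
            awk -F= '
                /^[ \t]*[#;]/ { next }                       # comment line
                { key = $1; gsub(/[ \t]/, "", key)
                  sub(/^-/, "", key)                          # "-key" = ignore errors
                  gsub(/\//, ".", key) }                      # kernel/x == kernel.x
                key == "kernel.randomize_va_space" {
                    val = $2; gsub(/[ \t]/, "", val); print val }
            ' "$f"
        fi
    done | tail -n 1
}

# $1 = file holding the runtime value (/proc/sys/kernel/randomize_va_space on a
# live host); remaining arguments = config files in load order.
aslr_status() {
    proc=$1; shift
    conf=$(configured_aslr "$@")
    live=$(cat "$proc" 2>/dev/null || true)
    if [ "$conf" = 2 ] && [ "$live" = 2 ]; then echo compliant
    elif [ "$conf" = 2 ]; then echo runtime-drift      # file is right, kernel is not
    elif [ "$live" = 2 ]; then echo not-persistent     # kernel is right, file is not
    else echo non-compliant
    fi
}

# Constructed sample: 10-aslr.conf applies the fix, 99-legacy.conf overrides it.
demo=$(mktemp -d)
printf 'kernel.randomize_va_space = 2\n' > "$demo/10-aslr.conf"
printf '# legacy tuning\nkernel.randomize_va_space=0\n' > "$demo/99-legacy.conf"
printf '2\n' > "$demo/runtime"
aslr_status "$demo/runtime" "$demo"/*.conf
```

On a host, pass /proc/sys/kernel/randomize_va_space as the first argument, followed by the config files in the order that host's loader applies them.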