On the Effectiveness of Full-ASLR on 64-Bit Linux

The effectiveness of ASLR hinges on the entirety of the address space layout remaining unknown to the attacker. Only executables compiled as Position Independent Executable (PIE) can obtain the maximum protection from the ASLR technique since all the sections are loaded at random locations. The presenter has identified a security weakness on the implementation of the ASLR in GNU/Linux when the executable is PIE compiled.

Provided by: SecurityTube.net Topic: Software Date Added: Feb 2015 Format: Webcast

Find By Topic