Provided by: SecurityTube.net
Date Added: Feb 2015
The effectiveness of ASLR hinges on the entirety of the address space layout remaining unknown to the attacker. Only executables compiled as Position Independent Executable (PIE) can obtain the maximum protection from the ASLR technique since all the sections are loaded at random locations. The presenter has identified a security weakness on the implementation of the ASLR in GNU/Linux when the executable is PIE compiled.