← Cybersecurity Alphabet Soup

ASLR

Address Space Layout Randomization

appsecmedium

ASLR randomizes where a program's code, stack, and libraries sit in memory each time it runs. Memory corruption exploits usually need to know exact addresses to redirect execution, so randomization turns a reliable exploit into a guessing game. It is a standard mitigation in every major operating system, though information leaks that reveal addresses can defeat it, so it works best layered with defenses like DEP and stack canaries.

Sources

More in appsec