| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACBLJD=y-4aWa-7r-xhfYoTVEkQAGi2EmG3nA97rH2cz-KXmcw@mail.gmail.com>
Date: Tue, 30 Jul 2024 16:45:29 +0530
From: "Prithivi Raj.S" <prithivi.s017@...il.com>
To: linux-hardening@...r.kernel.org
Subject: Unexpected Heap Randomization Behavior in Kernel Version 5.10.216
I have been testing Address Space Layout Randomization (ASLR)
functionalities with the kernel.randomize_va_space sysctl parameter.
According to the kernel documentation:
0 disables randomization.
1 randomizes the address of mmap base, stack, and VDSO page.
2 randomizes the heap address.
However, I have observed that in kernel version 5.10.216, the heap
base address is being randomized even when kernel.randomize_va_space
is set to 1. This behavior is not the same as described for this
parameter.
I tested this on an older kernel version (3.10.0) from the CentOS 7.9
distribution, where the feature worked as documented.
Test Code:
int main() {
// Get the current end of the heap
void *heap_addr = sbrk(0);
printf("Current end of heap (base address): %p\n", heap_addr);
return 0;
}
I would like to know if this behavior indicates a kernel bug or if the
heap address randomization is being influenced by other factors. This
is my first communication with the Linux community, so please let me
know if there is anything inappropriate or missing in my report. I am
happy to provide any additional information if needed.
Powered by blists - more mailing lists