CME-104

KASLR (Kernel Address Space Layout Randomization)

Harden OS/Kernel High Confidence

Description

Randomizes the kernel base address at each boot, making kernel exploits harder by requiring address leaks to locate kernel functions and data structures.

CVSS Vector Impacts

Metric Transition Rationale
Attack Complexity (AC) L H Kernel exploit must include info leak to locate kernel symbols

CWE Relationships

CWE-119 CWE-269

Verification

Verify KASLR is not disabled in boot parameters

$ cat /proc/cmdline | grep -v nokaslr && echo 'KASLR active'
# Expected: KASLR active
Platform: linux
$ dmesg | grep 'KASLR'
# Expected: KASLR enabled
Platform: linux
← CME-103: Stack Canaries (Stack Protector) CME-105: SMEP (Supervisor Mode Execution Prevention) →