← Rules Catalog
mediumkernelkernel-randomize-va-space

Enable ASLR (kernel.randomize_va_space)

Address space layout randomization must be set to the fully randomized value to mitigate memory-corruption exploitation.

kernelsysctlaslr

Frameworks satisfied

DISA STIG
rhel9: RHEL-09-213010 · V-257803 · CAT II
NIST 800-53
SC-30SI-16
CIS Benchmark
1.5.1

Platforms

rhel 8+rhel 9+ubuntu 20+

Check

sysctl_valuekernel.randomize_va_space = 2

Remediation

sysctl_setkernel.randomize_va_space = 2persisted to /etc/sysctl.d/50-hanalyx.conf