Abstract

Address Space Layout Randomization (ASLR) is designed to mitigate memory corruption exploits such as buffer overflows by randomizing the locations of critical memory regions. While ASLR significantly increases the difficulty of predicting memory addresses, research has shown that it is not an infallible defense. This paper investigates the practical effectiveness of Linux’s ASLR implementation in preventing buffer overflow attacks, with particular emphasis on how its protections can be bypassed through memory disclosure.

This paper combines a literature review of recent work on ASLR’s strengths and weaknesses, including cases where ASLR paradoxically aids exploitation, systematic bypass methods, and complementary defenses with an experimental evaluation on a 64-bit Ubuntu Linux system. The experiment involved implementing a vulnerable C program and recording memory layouts with ASLR enabled and disabled. Results demonstrate that while ASLR introduces meaningful entropy across stack, heap, and code segments (approximately 16–19 bits), these protections are fully neutralized when memory addresses are disclosed. Observations confirm that memory leaks convert ASLR from a probabilistic barrier into a deterministic vulnerability, enabling precise attacks such as Return-Oriented Programming (ROP).

Keywords: Address Space Layout Randomization, Buffer Overflow, Memory Disclosure, Exploit Mitigation.