Exploiting Linux and PaX ASLR’s weaknesses on 32-bit and 64-bit systems

Hector Marco Gisbert, Ismael Ripoll

Research output: Contribution to conferencePaper


In this work, we present four weaknesses in current Linux and PaX ASLR design and implementation:

1) Too low entropy
2) Non-uniform distribution
3) Correlation between objects
4) Inheritance

A proof of concept exploiting the correlation weakness is presented, which bypasses the Full ASLR Linux in 64-bit systems in less than one second - the system is protected. A deep analysis of all these weaknesses enabled us to propose a new ASLR design. A proof of concept on Linux will be named ASLR-NG, which overcomes all current ASLRs including PaX solution. Finally, we present ASLRA, a suit tool to analyze the ASLR entropy of Linux.
Original languageEnglish
Publication statusPublished - 29 Mar 2016
EventBlack Hat Asia 2016 - Marina Bay Sands, Singapore, Singapore
Duration: 29 Mar 20161 Apr 2016


ConferenceBlack Hat Asia 2016
Internet address


  • CyberSecurity
  • Linux
  • ASLR


Dive into the research topics of 'Exploiting Linux and PaX ASLR’s weaknesses on 32-bit and 64-bit systems'. Together they form a unique fingerprint.

Cite this