← Back to team overview

documentation-packages team mailing list archive

Re: [Bug 1912614] Re: kASLR incorrectly described as disabled by default in Security/Features

 

On Fri, Jan 22, 2021 at 01:09:13PM -0000, lo-na-aleim wrote:
> Sorry for reaching out in the wrong place. I guess the right place for this would have been the mailing list? 
> I started from: https://wiki.ubuntu.com/DocumentationTeam/SystemDocumentation  

Actually, thanks for this, I'll amend the script that emits the page to
suggest exactly this -- the mail list, #ubuntu-hardened on
irc.freenode.net, or https://discourse.ubuntu.com/c/security/33

> I guess someone techy enough to care about kASLR will be able to work
> with the Solutions provided by @crass here:
> https://askubuntu.com/questions/704640/how-to-detect-in-runtime-is-kaslr-enabled-or-disabled
> :)

Yes, it's detailed enough that it's bound to be useful for someone who
*really* wants to get into this. :)

Thanks

-- 
You received this bug notification because you are a member of
Documentation Packages, which is subscribed to ubuntu-docs in Ubuntu.
https://bugs.launchpad.net/bugs/1912614

Title:
  kASLR incorrectly described as disabled by default in
  Security/Features

Status in ubuntu-docs package in Ubuntu:
  Fix Released

Bug description:
  According to: https://wiki.ubuntu.com/Security/Features kASLR is disabled by default. Additionally,
  it is reported that enabling kASLR will disable the ability to hibernate.

  I think that this is no longer true, but I don't want to edit the wiki without clarifying some details.
  I discovered the active kASRL when I spun up a qemu vm with Ubuntu 20.04, all defaults and ran volatility3 on a memory dump. On the vm itself the kernel params do not mention kASLR / Kernel hardening:

  cat /proc/cmdline
  BOOT_IMAGE=/boot/vmlinuz-5.4.0-58-generic root=UUID=eb6426f9-969b-4ce8-a690-ef87e410d5bf ro quiet splash vt.handoff=7

  I also found this somewhere as a supposedly reliable way to tell if kASLR is on:
  cat /proc/sys/kernel/randomize_va_space
  2

  I asked a colleague who runs his ubuntu 20.04 directly on his laptop
  for his cmdline and randomize_va_space, same results. He said he did
  not knowingly touch any settings regarding kASLR.

  Now, it seems like at some point kASLR became on by default. But I am
  not really sure whether it still affects hibernation? I can't find
  anything reliable on the wiki. My colleague is not sure whether he
  disabled hibernation for different reasons or whether it was disabled
  in the first place and I don't want to use my vm as reference, since
  its not necessarily a "typical environment".

  Note, the answers here should be updated as well, since checking the
  kernel params will no longer be reliable.
  https://askubuntu.com/questions/704640/how-to-detect-in-runtime-is-
  kaslr-enabled-or-disabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/1912614/+subscriptions


References