Address Space Layout Randomization (ASLR)
Definition
ASLR is an operating-system defense that randomizes where code and data live in a process’s memory (stacks, heaps, libraries, and sometimes the executable) so attacks that rely on fixed addresses are far harder to pull off.
Examples
- A classic buffer-overflow exploit needs the address of system() in a shared library. With ASLR, that library loads at a different base each run, so the hard-coded address fails.
- An app is rebuilt as a Position Independent Executable (PIE). Now the main binary’s base address also changes, removing a reliable anchor for Return-Oriented Programming (ROP).
Discover 🔎
Exploits often depend on knowing exactly where things sit in memory—functions, gadgets, return addresses, and buffers. ASLR scrambles that map on every process start: the stack begins at a new location, the heap grows from a different base, shared libraries load at random addresses, and—if the binary is compiled as PIE—the executable itself moves too. Without a stable map, hard-coded jumps miss their target and many memory-corruption attacks fail or become unreliable.