V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m54s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m54s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -359,17 +359,6 @@ grub_parameter:
|
||||
##############################################################################################################################
|
||||
- "randomize_kstack_offset=on"
|
||||
|
||||
##############################################################################################################################
|
||||
# ASLR (Address Space Layout Randomization) causes central areas of memory to be assigned random addresses each time a program
|
||||
# is started. These include: Stack, Heap, Shared libraries (e.g., libc), mmap regions, VDSO/VSyscall. The executable itself
|
||||
# (only with PIE binaries). The aim is to make it more difficult for attackers to predict memory addresses, thereby preventing
|
||||
# classic exploits that rely on known addresses from succeeding.
|
||||
# 0: disabled Fixed memory addresses – insecure, testable.
|
||||
# 1: Partial ASLR Heap, mmap are randomized, stack only partially randomized.
|
||||
# 2: Full ASLR (default) Stack, mmap, heap, VDSO, shared libraries all randomized.
|
||||
##############################################################################################################################
|
||||
- "randomize_va_space=2"
|
||||
|
||||
##############################################################################################################################
|
||||
# Enable mitigations for RETBleed (Arbitrary Speculative Code Execution with Return Instructions) vulnerability and disable
|
||||
# SMT. If 'mitigations=auto,nosmt' is set, the kernel already activates all retbleed-relevant mitigations, provided the CPU
|
||||
|
||||
Reference in New Issue
Block a user