Address Space Layout Randomization (ASLR) not enforced

Address Space Layout Randomization (ASLR) not enforced

Risk: medium

Description

Address Space Layout Randomization (ASLR) is memory protection that randomizes the layout space to mitigate memory exploitation techniques.

Recommendation

Address Space Layout Randomization (ASLR) is enabled by default on XCode. Please do not disable it.

Links

• Address Space Layout Randomization (Wikipedia)

Standards

• OWASP_MASVS_L1:
  • MSTG_CODE_9
• OWASP_MASVS_L2:
  • MSTG_CODE_9
• GDPR:
  • ART_5
  • ART_32
• PCI_STANDARDS:
  • REQ_2_2
  • REQ_6_2