kASLR incorrectly described as disabled by default in Security/Features
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ubuntu-docs (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
According to: https:/
it is reported that enabling kASLR will disable the ability to hibernate.
I think that this is no longer true, but I don't want to edit the wiki without clarifying some details.
I discovered the active kASRL when I spun up a qemu vm with Ubuntu 20.04, all defaults and ran volatility3 on a memory dump. On the vm itself the kernel params do not mention kASLR / Kernel hardening:
cat /proc/cmdline
BOOT_IMAGE=
I also found this somewhere as a supposedly reliable way to tell if kASLR is on:
cat /proc/sys/
2
I asked a colleague who runs his ubuntu 20.04 directly on his laptop for his cmdline and randomize_va_space, same results. He said he did not knowingly touch any settings regarding kASLR.
Now, it seems like at some point kASLR became on by default. But I am not really sure whether it still affects hibernation? I can't find anything reliable on the wiki. My colleague is not sure whether he disabled hibernation for different reasons or whether it was disabled in the first place and I don't want to use my vm as reference, since its not necessarily a "typical environment".
Note, the answers here should be updated as well, since checking the kernel params will no longer be reliable. https:/
description: | updated |
Thanks for your report! However, the ubuntu-docs package is for the Ubuntu desktop guide, and not for that wiki page you mentioned.
I would suggest that you get in touch with members of <https:/ /launchpad. net/~ubuntu- security> to discuss possible changes of the page. I also subscribed that team to this bug report, which possibly will help.
Keeping this bug open for now, even if the "Affects" info is not correct.