To set the runtime status of the 'kernel.randomize_va_space' kernel parameter, run the following command: [don't_use_ASLR/randomize base address for mmap'd areas/ditto, and also randomize the brk base address] Address space layout randomization (ASLR) makes it more difficult for an attacker to predict the location of attack code they have introduced into a process's address space during an attempt at exploitation. Additionally, ASLR makes it more difficult for an attacker to know the location of existing code in order to re-purpose it using return oriented programming (ROP) techniques. oval:org.secpod.oval:def:31248 oval:org.secpod.oval:def:30525 SCAP Repo OVAL Definition 2015-11-13