Defeating KASLR by Doing Nothing at All
Key topics
A Google Project Zero blog post shows that KASLR (Kernel Address Space Layout Randomization) can be defeated without an information leak, because the Linux kernel maps all of physical memory into its linear map (the "physmap") at a predictable virtual address, so kernel memory can be reached through that alias regardless of where the kernel image itself was randomized to. The thread discusses the implications and potential mitigations.
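The mechanism behind that summary, as an added illustration that is not code from the page or from the Project Zero post: a small model of an arm64-style address space in which the kernel image mapping is slid by KASLR but the linear map is not. All constants (PAGE_OFFSET, KIMAGE_VADDR, PHYS_OFFSET, KERNEL_LOAD_PA), the slide values and the `boot()`/`attacker_guess()` helpers are assumptions made for the model, not values from any real device or from the article. The translation is modelled on Linux's phys_to_virt() as a plain offset; the real arm64 macro differs in detail.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed constants for the model only; not taken from the article or any
 * real kernel build. */
#define PAGE_OFFSET    0xffff800000000000ULL /* start of the linear map */
#define KIMAGE_VADDR   0xffff800008000000ULL /* nominal (unslid) kernel image base */
#define PHYS_OFFSET    0x80000000ULL         /* physical address where DRAM starts */
#define KERNEL_LOAD_PA 0x80200000ULL         /* fixed bootloader load address of the image */

struct kernel_layout {
    uint64_t text_va;     /* kernel text in the (randomized) image mapping */
    uint64_t linear_base; /* virtual address at which phys_offset is mirrored */
    uint64_t phys_offset; /* first physical address covered by the linear map */
};

/* Linear-map translation, modelled on Linux's phys_to_virt(): the linear map
 * mirrors DRAM contiguously, so every physical page, kernel text included,
 * has a virtual alias at a fixed distance from linear_base. */
static uint64_t phys_to_virt(const struct kernel_layout *k, uint64_t pa)
{
    return k->linear_base + (pa - k->phys_offset);
}

/* Simulated boot (assumed helper). image_slide is the KASLR offset applied to
 * the kernel image mapping; linear_slide is applied to the linear map only
 * when randomize_linear is set, which is the case the thread says is absent. */
static struct kernel_layout boot(uint64_t image_slide, uint64_t linear_slide,
                                 bool randomize_linear)
{
    struct kernel_layout k;
    k.phys_offset = PHYS_OFFSET;
    k.text_va = KIMAGE_VADDR + image_slide;
    k.linear_base = PAGE_OFFSET + (randomize_linear ? linear_slide : 0);
    return k;
}

/* Attacker with no leak at all: she knows only the compile-time PAGE_OFFSET
 * and the bootloader's fixed load address, and derives the linear-map alias of
 * the kernel text from those two numbers. */
static uint64_t attacker_guess(void)
{
    return PAGE_OFFSET + (KERNEL_LOAD_PA - PHYS_OFFSET);
}

/* True when the guessed virtual address really aliases the kernel text. */
static bool guess_aliases_kernel_text(const struct kernel_layout *k, uint64_t guess)
{
    return guess == phys_to_virt(k, KERNEL_LOAD_PA);
}

int main(void)
{
    const uint64_t image_slide = 0x1a000000ULL;   /* assumed random slides */
    const uint64_t linear_slide = 0x3c0000000ULL;
    struct kernel_layout fixed = boot(image_slide, linear_slide, false);
    struct kernel_layout rnd = boot(image_slide, linear_slide, true);
    uint64_t guess = attacker_guess();

    printf("kernel text slid to %#llx; attacker never learns this\n",
           (unsigned long long)fixed.text_va);
    printf("linear map fixed:      guess %#llx aliases text: %s\n",
           (unsigned long long)guess,
           guess_aliases_kernel_text(&fixed, guess) ? "yes" : "no");
    printf("linear map randomized: guess %#llx aliases text: %s\n",
           (unsigned long long)guess,
           guess_aliases_kernel_text(&rnd, guess) ? "yes" : "no");
    return 0;
}
```

The point the model makes is that the image slide is irrelevant when the alias is reachable: with a fixed linear map the attacker's guess lands on the kernel text every time, and only randomizing the linear map itself makes the guess miss.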
Snapshot generated from the HN discussion
Discussion activity: moderate engagement; first comment 5d after posting; peak of 7 comments in the 120-132h window; 3.3 comments per period on average.
Key moments
- Story posted: Nov 4, 2025 at 5:52 AM EST
- First comment: Nov 9, 2025 at 4:53 AM EST (5d after posting)
- Peak activity: 7 comments in 120-132h (hottest window of the conversation)
- Latest activity: Nov 9, 2025 at 8:18 PM EST
Funny how Google is paying people to find exploits in their product, and also pays people to ignore those vulnerability reports.
Pixels seem to be pretty secure when running Graphene, from what I have heard.
Yes, it is effectively security by obscurity, using the fact that nobody knows exactly which compiler options you tweaked, but the reality is it works really well, since almost all exploits need to know some code offsets very precisely to work.
Also, many state security agencies have a ready-to-go exploit for the latest iOS, but they don't have a team ready to assemble a custom exploit for your modded Android.
https://lwn.net/Articles/1044867/
- - -
Make sure you get down to the comment by ardbiesheuvel, "linear map randomization was already broken", past all the hot air about the lack of QA. This comment explains why hot-pluggable memory causes issues with randomization.
Now off to read the article.
[1] https://www.vusec.net/projects/rain/