CME-108

kptr_restrict (Kernel Pointer Restriction)

Harden OS/Kernel High Confidence

Description

Hides kernel pointer addresses from unprivileged users, denying the address leaks needed to exploit kernel vulnerabilities when KASLR is active.

CVSS Vector Impacts

Metric Transition Rationale
Attack Complexity (AC) L H Removes trivial kernel address leak vector via /proc/kallsyms

CWE Relationships

CWE-200 CWE-119

Verification

Check kptr_restrict sysctl is 1 or 2

$ cat /proc/sys/kernel/kptr_restrict
# Expected: 1
Platform: linux
← CME-107: Kernel Module Loading Restriction CME-109: Kernel Lockdown Mode →