Post Syndicated from original https://lwn.net/Articles/938637/

The kernel’s address-space layout randomization is intended to make life
harder for attackers by changing the placement of kernel text and data at
each boot. With this randomization, an attacker cannot know ahead of time
where a vulnerable target will be found on any given system. There are
techniques, though, that can be effective without knowing precisely where a
given object is stored. As a way of hardening systems against such
attacks, the kernel will be gaining yet another form of randomization.