Forgive me for my lack of lower level knowledge. I am kind of interested to know why in spite of advanced ASLR protection Buffer Overflow and Heap Buffer overflow happen in modern software like Chromium browser, surprising to see so many heap overflow bugs in their bug tracker.<p>Can someone ELI5 how buffer overflow defeats ASLR?
ASLR doesn’t do anything to prevent buffer overflows; it makes it harder to exploit them.<p>That doesn’t mean it makes it impossible, and even if it did, the buffer overflow itself still is a bug.