diff --git a/repos/base/lib/mk/base-common.inc b/repos/base/lib/mk/base-common.inc
index 637f31542..475f0e461 100644
--- a/repos/base/lib/mk/base-common.inc
+++ b/repos/base/lib/mk/base-common.inc
@@ -31,6 +31,7 @@ SRC_CC += trace.cc
 SRC_CC += root_proxy.cc
 SRC_CC += env_session_id_space.cc
 SRC_CC += vm_session.cc
+SRC_CC += stack_protector.cc
 
 INC_DIR += $(REP_DIR)/src/include $(BASE_DIR)/src/include
 
diff --git a/repos/base/lib/symbols/ld b/repos/base/lib/symbols/ld
index 7d835345a..16ef9bd5c 100644
--- a/repos/base/lib/symbols/ld
+++ b/repos/base/lib/symbols/ld
@@ -640,6 +640,8 @@ __cxa_throw_bad_array_new_length T
 __cxa_type_match T
 __dynamic_cast T
 __gxx_personality_v0 T
+__stack_chk_guard B 8
+__stack_chk_fail W
 dl_iterate_phdr T
 dl_unwind_find_exidx T
 genode_argc D 4
diff --git a/repos/base/src/lib/base/stack_protector.cc b/repos/base/src/lib/base/stack_protector.cc
new file mode 100644
index 000000000..118e3c3d2
--- /dev/null
+++ b/repos/base/src/lib/base/stack_protector.cc
@@ -0,0 +1,33 @@
+/*
+ * \brief  Stack protector support
+ * \author Emery Hemingway
+ * \date   2018-11-30
+ *
+ * The following is necessary but not sufficient for stack protection,
+ * the __stack_chk_guard is initialized to zero and must be reinitialized
+ * with a nonce to protect against malicious behavior.
+ */
+
+/*
+ * Copyright (C) 2018 Genode Labs GmbH
+ *
+ * This file is part of the Genode OS framework, which is distributed
+ * under the terms of the GNU Affero General Public License version 3.
+ */
+
+/* Genode includes */
+#include <base/log.h>
+#include <base/sleep.h>
+
+extern "C" {
+
+	Genode::uint64_t __stack_chk_guard;
+
+	__attribute__((noreturn)) __attribute__((weak))
+	void __stack_chk_fail(void)
+	{
+		Genode::error("stack protector check failed");
+		Genode::sleep_forever();
+	}
+
+}