There are a number of exploit mitigation techniques to reduce the impact of common C vulnerabilities. Unfortunately they are not as widely used as they should in free operating systems.
For ASLR to work properly Linux needs position independent code and position independent executables (CFLAGS -fpic and -pie). Currently most Linux distributions don't enable pie by default.
The grsecurity project includes many exploit mitigation techniques. It is a patch for the Linux kernel. Based on experience many local root exploits in the past were prevented on systems using grsecurity.
Most likely many parts of grsecurity could be integrated into the mainline kernel. This would involve splitting the patchset up into single patches that change single bits and submit them to the responsible upstream subsystem maintainer.
This has already partly happened in the past, however until now only a very small subset of grsecurity improvements went upstream.
Approaches that try to implement memory safety in C: