Tags: security, stack, buffer-overflow, stack-frame

Why do we use the stack for the return address of a function?


I kind of understand how stack frames work. Why do we use them to store the return address? It looks like that is why buffer overflows happen. Wouldn't it be more secure to allocate a certain memory region to just keep return addresses, fully separated from the stack?


Solution

  • Actually, that is the way many Forth implementations work: they have a return stack as well as a data stack.

    However, I know of no mainstream processors that do this same thing in hardware (except possibly the Forth-based ones from many moons ago).

    They tend to have just the one stack that is used for both purposes.

    In any case, stack-smashing is only one possible consequence of buffer overflows. It's not the storing of the return addresses that causes buffer overflows; it's the latter that corrupts the former. Even if you kept return addresses separate, buffer overflows would still corrupt data unrelated to return addresses.

    Some would say that was even worse since, with stack smashing, you probably crash quickly because your function returns to some random memory location.

    Protecting the return information would stop this from happening, and then that corrupted data would be free to cause you more issues down the line somewhere :-)
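As an added illustration of the answer's point (this is example code written for this page, not code from the question or the answer), the C program below models two frame layouts as hand-laid-out byte arrays: a conventional one where the saved return address sits just past the locals, and a "split stack" one where the return address is kept in a separate array the buffer cannot reach. Everything here is an assumption of the model, not a real ABI: the offsets, the `RET_SENTINEL` value, the `is_admin` local, and the function names `run_conventional` and `run_split_stack`. The 28-byte input is constructed. Because each frame is a byte array we own, the writes stay within defined behaviour while still showing what a `strcpy`-style copy does to its neighbours.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Model of a stack frame (assumed layout for this example, not a real ABI):
 *   [ 0..15]  char buf[16]      -- the overflowable buffer
 *   [16..19]  int  is_admin     -- an unrelated local that happens to sit after buf
 *   [20..27]  saved return addr -- conventional layout only
 *   [28..31]  other locals / padding
 * In the split-stack variant the return address lives in a separate array
 * that buf can never reach, which is the design the question proposes.
 */
enum { FRAME_SIZE = 32, BUF_SIZE = 16, BUF_OFF = 0, ADMIN_OFF = 16, RET_OFF = 20 };

#define RET_SENTINEL 0x00000000004011d6ULL /* made-up "return here" value */

typedef struct { unsigned char mem[FRAME_SIZE]; } frame_t;

typedef struct {
    int admin_corrupted;  /* 1 if is_admin no longer holds its initial value (0) */
    int ret_corrupted;    /* 1 if the saved return address no longer equals RET_SENTINEL */
    int is_admin;         /* value of the flag after the copy */
} overflow_result;

/* strcpy-style copy: trusts the caller about the buffer size. Clamped only
   to the modelled frame so the simulation itself stays within our bytes. */
static void unchecked_copy(frame_t *f, const char *input) {
    size_t n = strlen(input) + 1;                 /* includes the terminator */
    if (n > (size_t)(FRAME_SIZE - BUF_OFF)) n = (size_t)(FRAME_SIZE - BUF_OFF);
    memcpy(f->mem + BUF_OFF, input, n);
}

/* The fix: never write more than the buffer holds, and keep the terminator. */
static void bounded_copy(frame_t *f, const char *input) {
    size_t n = strlen(input);
    if (n > BUF_SIZE - 1) n = BUF_SIZE - 1;
    memcpy(f->mem + BUF_OFF, input, n);
    f->mem[BUF_OFF + n] = '\0';
}

static int read_admin(const frame_t *f) {
    int v; memcpy(&v, f->mem + ADMIN_OFF, sizeof v); return v;
}
static uint64_t read_ret(const frame_t *f) {
    uint64_t v; memcpy(&v, f->mem + RET_OFF, sizeof v); return v;
}

/* Conventional layout: return address saved in the frame, right after the locals. */
overflow_result run_conventional(const char *input, int use_bounded_copy) {
    frame_t f; int zero = 0; uint64_t ret = RET_SENTINEL;
    memset(f.mem, 0, FRAME_SIZE);
    memcpy(f.mem + ADMIN_OFF, &zero, sizeof zero);
    memcpy(f.mem + RET_OFF, &ret, sizeof ret);
    if (use_bounded_copy) bounded_copy(&f, input); else unchecked_copy(&f, input);
    overflow_result r;
    r.is_admin = read_admin(&f);
    r.admin_corrupted = (r.is_admin != 0);
    r.ret_corrupted = (read_ret(&f) != RET_SENTINEL);
    return r;
}

/* Split stack: the return address is kept on a separate return stack that no
   frame-local buffer can reach. Offsets 20..31 are just other locals now. */
overflow_result run_split_stack(const char *input, int use_bounded_copy) {
    uint64_t return_stack[1] = { RET_SENTINEL }; /* the separate return stack */
    frame_t f; int zero = 0;
    memset(f.mem, 0, FRAME_SIZE);
    memcpy(f.mem + ADMIN_OFF, &zero, sizeof zero);
    if (use_bounded_copy) bounded_copy(&f, input); else unchecked_copy(&f, input);
    overflow_result r;
    r.is_admin = read_admin(&f);
    r.admin_corrupted = (r.is_admin != 0);
    r.ret_corrupted = (return_stack[0] != RET_SENTINEL); /* buf cannot get here */
    return r;
}

static void report(const char *label, overflow_result r) {
    printf("%-36s is_admin=0x%08x admin_corrupted=%d ret_corrupted=%d\n",
           label, (unsigned)r.is_admin, r.admin_corrupted, r.ret_corrupted);
}

int main(void) {
    const char *overlong = "AAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* 28 bytes: constructed input */
    report("conventional, unchecked copy:", run_conventional(overlong, 0));
    report("split return stack, unchecked copy:", run_split_stack(overlong, 0));
    report("conventional, bounded copy:", run_conventional(overlong, 1));
    report("split return stack, bounded copy:", run_split_stack(overlong, 1));
    return 0;
}
```

With the unchecked copy, the conventional layout loses both the flag and the return address, so the function would "return" into 0x4141414141414141 and almost certainly crash on the spot. The split-stack layout keeps the return address intact, yet `is_admin` is now 0x41414141, which is exactly the quieter, potentially worse outcome the answer warns about: the program keeps running with corrupted state. Only the bounded copy leaves both layouts untouched.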