SQ14103

Detected Windows executable files that try to implement DEP but declare all sections as executable, thus nullifying the vulnerability mitigation protection.

| priority | CI/CD status | severity | effort | RL level | RL assessment |
|---|---|---|---|---|---|
|  | pass | high | medium | None | hardening: warning |
Reason: ineffective mitigations found

About the issue

Data Execution Prevention (DEP/NX) is a vulnerability mitigation option that protects the application stack, heap and other memory data ranges from being interpreted as code and executed. This mitigation is detected as enabled, but rendered ineffective due to configured memory access privileges. It is unlikely that an executable file only consists of code without any data sections. Since all file sections are declared as executable, this is raised as an issue that violates the code and data separation rule enforced by DEP.

How to resolve the issue

  • Review the programming language linker options.
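
To confirm that a rebuilt binary no longer has this condition, the PE headers can be inspected directly. The following is an added example, not ReversingLabs' detection logic: it reads the NX_COMPAT bit from DllCharacteristics and the execute bit of every section header. The function names and the two header-only sample images are constructed for illustration.

```python
import struct

NX_COMPAT = 0x0100        # IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP opt-in)
MEM_EXECUTE = 0x20000000  # IMAGE_SCN_MEM_EXECUTE

def parse_pe(data):
    """Return (DllCharacteristics, [(section name, characteristics), ...])."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header fields: NumberOfSections at +6, SizeOfOptionalHeader at +20
    n_sections, opt_size = struct.unpack_from("<H12xH", data, pe_off + 6)
    if opt_size < 72:
        raise ValueError("optional header too short for DllCharacteristics")
    opt = pe_off + 24
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)  # same in PE32/PE32+
    sections = []
    for i in range(n_sections):
        entry = opt + opt_size + 40 * i
        name = data[entry:entry + 8].rstrip(b"\0").decode("ascii", "replace")
        (chars,) = struct.unpack_from("<I", data, entry + 36)
        sections.append((name, chars))
    return dll_chars, sections

def dep_ineffective(data):
    """True when NX_COMPAT is set but every section is mapped executable."""
    dll_chars, sections = parse_pe(data)
    all_exec = bool(sections) and all(c & MEM_EXECUTE for _, c in sections)
    return bool(dll_chars & NX_COMPAT) and all_exec

def build_sample(section_flags, dll_chars=NX_COMPAT):
    """Constructed header-only PE32+ image for this demo; not a loadable file."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, len(section_flags), 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)       # PE32+ magic
    struct.pack_into("<H", opt, 70, dll_chars)
    table = b"".join(
        name.encode().ljust(8, b"\0") + bytes(28) + struct.pack("<I", flags)
        for name, flags in section_flags)
    return dos + b"PE\0\0" + coff + bytes(opt) + table

BAD = build_sample([(".text", 0x60000020), (".data", 0xE0000040)])   # constructed
GOOD = build_sample([(".text", 0x60000020), (".data", 0xC0000040)])  # constructed

if __name__ == "__main__":
    for label, image in (("all executable", BAD), ("data not executable", GOOD)):
        print(label, "->", "DEP ineffective" if dep_ineffective(image) else "ok")
```

For a real build artifact, pass the file's bytes to `dep_ineffective` and use the section list from `parse_pe` to see which data sections carry the execute flag.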

Incidence statistics

ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes.

For every repository, the chart shows the percentage of projects that triggered the software assurance policy. In other words, it shows how many projects were found to have the specific issue described on this page.

The percentages are calculated from the total number of packages analyzed:

  • RubyGems: 174K
  • NuGet: 189K
  • PyPI: 403K
  • npm: 2.1M