SQ14131

Detected Windows executable files that do not implement retpoline vulnerability mitigation protection.

  • Priority: None
  • CI/CD status: pass
  • Severity: low
  • Effort: medium
  • SAFE level: None
  • SAFE assessment: None

About the issue

Retpoline vulnerability mitigation protects sensitive user data from being accessed by untrusted code. The family of security issues it addresses is caused by speculative execution of instructions at the hardware level. Speculative execution is a processor feature meant to improve the speed of code execution. By executing possible indirect function call targets in parallel, the processor can have an answer ready regardless of the path taken by the application. Because the possible branches are actually executed, the processor's branch predictor can be forced to access data that the lower-privilege code has no right to access.

How to resolve the issue

  • It's highly recommended to enable this option for all software components used across security privilege boundaries, such as isolated processes, or for user-to-kernel mode transitions. Although there is still a performance impact to having this vulnerability mitigation enabled, those side-effects have been greatly reduced in newer operating system versions.
  • To enable this mitigation, refer to your programming language toolchain documentation.
  • In Microsoft Visual Studio, you can enable retpoline mitigation by passing the /Qspectre parameter to the compiler and linker.
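
One way to check that the option is actually requested in every build configuration of a Visual Studio C++ project, as an added example that is not ReversingLabs or Spectra Assure code. It assumes the standard .vcxproj layout, where the mitigation appears either as the `SpectreMitigation` project property or as a `/Qspectre` token in `AdditionalOptions`; the function names and the sample project are constructed for illustration, and the script inspects build settings only, not the compiled binary.

```python
import re
import xml.etree.ElementTree as ET

NS = {"m": "http://schemas.microsoft.com/developer/msbuild/2003"}
COND = re.compile(r"=='([^']*)'")          # e.g. ...=='Release|x64'
ENABLED = {"spectre", "spectreload", "spectreloadcf"}

def flag_enabled(options):
    """True if the last /Qspectre* token in a cl.exe option string turns it on."""
    state = False
    for tok in options.split():
        if tok.startswith(("/Qspectre", "-Qspectre")):
            state = not tok.endswith("-")   # a trailing '-' ("/Qspectre-") disables
    return state

def audit_vcxproj(xml_text):
    """Return {configuration: bool} saying whether the mitigation is requested."""
    root = ET.fromstring(xml_text)
    path = "m:ItemGroup/m:ProjectConfiguration"
    configs = [c.get("Include") for c in root.iterfind(path, NS)]
    status = dict.fromkeys(configs, False)
    for group in root:
        cond = COND.search(group.get("Condition", ""))
        targets = [cond.group(1)] if cond else configs   # no Condition: all configs
        prop = group.find("m:SpectreMitigation", NS)
        opts = group.find("m:ClCompile/m:AdditionalOptions", NS)
        for name in (t for t in targets if t in status):
            if prop is not None:
                status[name] = (prop.text or "").strip().lower() in ENABLED
            if opts is not None and "Qspectre" in (opts.text or ""):
                status[name] = flag_enabled(opts.text)
    return status

# Constructed sample project, not taken from any real code base.
SAMPLE = """<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemGroup Label="ProjectConfigurations">
    <ProjectConfiguration Include="Debug|x64" />
    <ProjectConfiguration Include="Release|x64" />
    <ProjectConfiguration Include="Release|Win32" />
  </ItemGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <SpectreMitigation>Spectre</SpectreMitigation>
  </PropertyGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
    <ClCompile><AdditionalOptions>/W4 /Qspectre %(AdditionalOptions)</AdditionalOptions></ClCompile>
  </ItemDefinitionGroup>
</Project>"""

if __name__ == "__main__":
    for config, ok in audit_vcxproj(SAMPLE).items():
        print(f"{config}: {'/Qspectre requested' if ok else 'MISSING mitigation'}")
```

In the sample, only `Debug|x64` is reported as missing the mitigation, which is the kind of per-configuration gap a release pipeline can fail on before the package is scanned.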

Incidence statistics

ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes. Analysis results are used to calculate incidence statistics for issues (policy violations) that Spectra Assure can detect in software packages.

This section is updated when new data becomes available.

Total number of packages analyzed

  • RubyGems: 183K
  • NuGet: 644K
  • PyPI: 628K
  • npm: 3.72M

Statistics are not collected for the SQ14131 policy at this time, or are not applicable to this type of issue.