Skip to main content

SQ14135

Detected Windows executable files that implement now deprecated MPX vulnerability mitigation protection.

priorityCI/CD statusseverityeffortSAFE levelSAFE assessment
NonepasslowmediumNoneNone

About the issueโ€‹

Intel Memory Protection eXtensions (MPX) was a hardware-level vulnerability mitigation option designed to prevent stack-based memory corruptions. This was an experimental vulnerability mitigation protection that was deprecated due to performance and efficacy concerns. It was implemented as a conjunction of software and hardware features, with the processor being ultimately responsible for its enforcement. Due to design choices, there was a significant performance impact. This impact manifests even on processors that did not have this vulnerability mitigation option.

How to resolve the issueโ€‹

  • Re-compile the application with a newer version of the programming language toolchain. This will remove the deprecated functionality from the resulting executable, and eliminate its residual performance penalties.

Incidence statisticsโ€‹

ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes. Analysis results are used to calculate incidence statistics for issues (policy violations) that Spectra Assure can detect in software packages.

This section is updated when new data becomes available.

Total amount of packages analyzed

  • RubyGems: 183K
  • Nuget: 644K
  • PyPi: 628K
  • NPM: 3.72M
Statistics are not collected for the SQ14135 policy at this time, or not applicable to this type of issue.