NX Bit

The memory of a process is divided into different segments. Roughly speaking, memory regions are distinguished by whether they contain data or executable code. Memory pages which are intended to store data are labeled with the No-eXecute (NX) bit. In case an application tries to execute code located in such a page, an error is raised.

Primitive buffer overflows try to execute code on the stack. Due to the fact that the NX bit is set for the memory pages containing the stack, these attacks are prevented. However, it does not defend against ROP attacks reusing existing code1). Note that once an attacker is able to execute code via ROP, the mprotect()2) function can be used to disable the protection of arbitrary memory regions3).

← Back to Position-independent Executable (PIE) Overview Continue with Control-flow Integrity (CFI) →

1) T. Saito, R. Watanabe, S. Kondo, S. Sugawara and M. Yokoyama, „A Survey of Prevention/Mitigation against Memory Corruption Attacks,“ 2016 19th International Conference on Network-Based Information Systems (NBiS), Ostrava, 2016, pp. 500-505.