Branch Privilege Injection: Compromising Spectre v2 Hardware Mitigations by Exploiting Branch Predictor Race Conditions

September 3, 2025 · View on GitHub

Authors:Sandro Rüegge, Johannes Wikner, Kaveh Razavi
Organization:ETH Zürich
Published at:34th USENIX Security Symposium
Webpage:https://comsec.ethz.ch/bprc
Paper:https://comsec.ethz.ch/wp-content/files/bprc_sec25.pdf
BlackHat USA 25:https://www.blackhat.com/us-25/briefings/schedule/#-for-privilege-leaking-privileged-memory-from--using-under-embargo-45260

Introduction

We introduce Branch Predictor Race Conditions (BPRC), an event-misordering effect of asynchronous branch predictors. Our work demonstrates multiple variants of BPRC that violate security assumptions on Intel processors, enabling cross-privilege and even cross barrier BTI attacks. This repository contains the paper artifacts to reproduce all presented results.

Caution

Some experiments load kernel modules that allow unprivileged users to execute arbitrary code in the kernel. This is an open door for attackers and can potentially damage the integrity of your system

Do not run on a machine that is security sensitive or where you cannot afford to loose data/availability.

Caution

The ansible playbooks modify the target systems without requesting confirmation. Ansible will also reboot the target systems.

Do not run them on your localhost.

Tip

The manual installation of kernel modules with our Makefiles caused issues for some users. You can load the kernel modules using insmod as a workaround. When the manual instructions ask you to run make -C ../uarch-research-fw/kmod_ap/ install and it gets killed, try installing the module (ap.ko in this case) using sudo insmod ../uarch-research-fw/kmod_ap/ap.ko instead.

Requirements

OS: Ubuntu (should run on 20.04, 22.04 and 24.04)

Microarchitectures

VendorCPUCodenameCodeMicroarchitectureexperiment_coreexperiment_march
IntelCore i7-14700KRaptor Lake RefreshRPL-RRaptor Cove2MARCH_GOLDEN
IntelCore i7-14700KRaptor Lake RefreshRPL-RGracemont16MARCH_GRACE
IntelXeon Silver 4510Sapphire RapidsSPRGolden Cove2MARCH_GOLDEN
IntelCore i7-13700KRaptor LakeRPLRaptor Cove2MARCH_GOLDEN
IntelCore i7-13700KRaptor LakeRPLGracemont16MARCH_GRACE
IntelCore i7-12700KAlder LakeADLGolden Cove2MARCH_GOLDEN
IntelCore i7-12700KAlder LakeADLGracemont16MARCH_GRACE
IntelCore i7-11700KRocket LakeRKLCypress Cove2MARCH_CYPRESS
IntelCore i7-10700KComet LakeCMLSkylake2MARCH_SKYLAKE
IntelCore i9-9900KCoffee Lake RefreshCFL-RSkylake2MARCH_SKYLAKE
AMDRyzen 9 9900XGranite Ridge-Zen 52MARCH_ZEN5
AMDRyzen 7 7700XRaphael-Zen 42MARCH_ZEN4
ARMGoogle TensorWhitechapel-Cortex-X14MARCH_ARMv8
ARMGoogle TensorWhitechapel-Cortex-A766MARCH_ARMv8

Your CPU might have different numbers of cores and thus the Gracemont cores might be at a different index. The experiment_core is used with taskset -c <experiment_core> to determine the core to run on.

Dependencies

Ansible

The experiments were originally run using ansible and the manual execution descriptions are provided for convenience. To run the experiments with ansible you can install ansible as follows.

sudo apt install python3-venv

python3 -m venv .venv
source .venv/bin/activate

pip install ansible

If you already have an ansible inventory you can use the host names from your inventory. Otherwise you can use a hostname or IP address where the READMEs use <hostname> and add an argument with -i <hostname>, (note the comma). Add parameter -k if you need a password for ssh access, add -K parameter if you need a password for sudo.

ansible-playbook -i example.com, run.yaml -e host=example.com

Analysis

Our experiments provide python code to analyze the results. Some of the scripts require you to have matplotlib installed.

sudo apt install python3 python3-pip
pip install matplotlib

x86_64

sudo apt install build-essential git clang linux-headers-$(uname -r) msr-tools libtirpc-dev

armv8

The Android NDK r27c binary tools directory (toolchains/llvm/prebuilt/linux-x86_64/bin/) needs to be available in your $PATH.

Metadata

We store server metadata in the file exp_metadata.py. There is a dummy entry for the manual executions but if you use the ansible scripts on your own hosts you will need to add your servers to the SERVER_MAP in this file.

The key in the map is the hostname of your server (you can run hostname to get it). Each value in the map has at least the code_name and cores attributes. code_name is the code name string for the given processor. cores lists all cores present on the given processor. Each entry is a dict with at least the march attribute which specifies the name of the microarchitecture for the given core. The order of the cores in the list should match the id Linux assigns each core (e.g., when using taskset -c <core-id>).

Overview

Each experiment has their own README.md describing how to run the experiment and what the expected outcomes are.

Folder Structure

bprc
|- ansible                     # Ansible tools to run experiments consistently
\- experiments                 # Experiments from the paper
   |- exp-benchmark-mitigations    # Mitigation performance evaluation
   |- exp-bhi-dis-s                # Intel's BHI_DIS_S behavior
   |- exp-btb-delay                # Branch predictor insertion delays on x86
   |- exp-demo-blackhat            # Attack demo used at BlackHat USA 2025
   |- exp-end2end                  # End-to-end attack
   |- exp-ibp-insertion            # IBP insertion behavior
   |- exp-leak-hypervisor          # Hypervisor vulnerability test
   |- exp-leak-ibpb                # IBPB vulnerability test
   |- exp-leak-rounds              # BPI reliability
   |- exp-leak-supervisor          # Supervisor vulnerability test
   |- exp-leak-supervisor-discern  # Supervisor vulnerability predictor attribution
   |- exp-syscall-split            # BPI syscall delay
   \- uarch-research-fw            # framework with general utils

Experiments by paper section

IDSectionReferenceFolder Name
-A.3.2Artifact Appendix Basic Testexp-test-setup
E1Section 5.1Figure 2exp-btb-delay
E2Section 5.2Table 2, BPRCUKBPRC_{U \rightarrow K}exp-leak-supervisor
E3Section 5.3BPRCGHBPRC_{G \rightarrow H}exp-leak-hypervisor
E4Section 5.3BPRCIBPBBPRC_{IBPB}exp-leak-ibpb
E5Section 6.1Observation (O4)exp-ibp-insertion
E6Section 6.1Observation (O5)exp-leak-supervisor-discern
E7Section 6.2Figure 8exp-syscall-split
E8Section 7.1Figure 9exp-leak-rounds
E9Section 7.1Table 3exp-bhi-dis-s
E10Section 8Textualexp-end2end
-Section 8Table 4summary of previous experiments
E11Section 9Table 5exp-benchmark-mitigations

Citation

@inproceedings{bprc,
  title     = {{Branch Privilege Injection}: Compromising Spectre v2 Hardware
               Mitigations by Exploiting Branch Predictor Race Conditions},
  author    = {Sandro Rüegge, Johannes Wikner and Kaveh Razavi},
  booktitle = {34th {USENIX} Security Symposium ({USENIX} Security 25)},
  year      = {2025}
}