Branch Privilege Injection: Compromising Spectre v2 Hardware Mitigations by Exploiting Branch Predictor Race Conditions
Sandro Rüegge
34th USENIX Security Symposium (USENIX Security '25) · Day 2 · Hardware Security 1: Microarchitectures
This talk, presented by Sandro Rüegge, delves into a critical vulnerability discovered in Intel processors that undermines hardware mitigations designed to protect against **Spectre v2** (Branch Target Injection) attacks. Specifically, the research uncovers a novel **race condition** in Intel's **Enhanced Indirect Branch Restricted Speculation (EIBRS)**, a key hardware defense introduced in 2018. While EIBRS was believed to effectively prevent cross-privilege Spectre v2 attacks for years by isolating branch predictions across privilege levels, Rüegge and his co-authors, Professor Kaveh Razavi and Dr. Daniel Wickner, demonstrate that asynchronous updates within the branch predictor unit can be exploited. This allows an attacker in user space to "inject" a malicious branch target into the supervisor mode's branch predictor, ultimately enabling **speculative execution** of arbitrary code gadgets in a higher privilege level, such as the kernel or hypervisor.
AI review
Rüegge and co-authors don't just find another Spectre gadget — they break a hardware mitigation that Intel shipped as the definitive fix and that the entire industry trusted for six-plus years. Discovering that EIBRS's privilege tagging is raceable through a system call boundary, and that the BTB update pipeline is asynchronous in a security-relevant way nobody had modeled, is exactly the kind of foundational microarchitectural insight that resets assumptions. This is USENIX-tier work that earned a CVE, forced an Intel microcode response after nine months, and reopens VM-to-hypervisor…