Half Spectre, Full Exploit

Hardening Rowhammer Attacks with Half-Spectre Gadgets

Despite nearly a decade of mitigation efforts by both industry and academia, the community has yet to find comprehensive and efficient countermeasures against pernicious hardware vulnerabilities such as Spectre and Rowhammer. While Spectre mitigations have mostly focused on patching dangerous disclosure gadgets in high-value codebases such as the Linux kernel, mitigating Rowhammer in software is still challenging and security often hinges on the (im)practicality of real-world attacks. Indeed, some Rowhammer attacks are entirely nondeterministic, triggering random bit flips in the hope of corrupting victim data—but at the risk of corrupting critical data and crashing the system. More reliable attacks rely on techniques such as memory templating and massaging, but achieving fully deterministic behavior is still difficult in the face of complex memory management abstractions in both hardware and software.

In our S&P'25 paper, we show that fully deterministic Rowhammer attacks are feasible. To this end, we exploit synergies with Spectre and specifically focus our attention on so-called half-Spectre gadgets. We show these gadgets, previously deemed unexploitable on last-generation CPUs due to their inability to directly disclose secret data, do enable powerful disclosure primitives to harden other attacks such as Rowhammer. Specifically, we use half-Spectre gadgets to build PRELOAD+TIME, a generic primitive to monitor a controlled victim's physical memory activity at the cache line granularity, without sharing memory with the victim. We use this capability to craft ProbeHammer, the first crash-free end-to-end Rowhammer exploit that does not rely on templating or massaging. In detail, we spray physical memory with aggressor (i.e., user) and victim (i.e., page table) data and disclose their location with PRELOAD+TIME. This primitive allows us to select safe hammering patterns and avoid unintended bit flips that may crash the system. Our evaluation confirms ProbeHammer attacks yield no false positives (hence, no crashes) by construction and can compromise real-world systems in a matter of hours.

The code can be found in our GitHub repository.