New Intel Vulnerability Reveals Spectre’s Lingering Threat: A Deeper Look at BPI and Branch Predictor Race Conditions

ETH Zürich researchers have uncovered a significant new security flaw affecting modern Intel processors. Known as Branch Privilege Injection (BPI), the vulnerability lets an attacker abuse the CPU's branch prediction to read sensitive data belonging to other users of the same processor. The discovery underlines how Spectre, a class of vulnerability that has haunted computer systems for over seven years, continues to affect modern computing environments.

Overview of the Issue

The BPI flaw, identified by researchers at ETH Zürich, can be exploited to leak data from memory by abusing the way Intel CPUs predict branch targets. The attack builds on a known weakness in Intel's branch predictors, giving an attacker a window in which to bypass the CPU's privilege barriers and gain unauthorized access to another user's data.

Kaveh Razavi, the head of ETH Zürich’s Computer Security Group (COMSEC) and lead author of the study, explains that the vulnerability is widespread and affects all Intel processors. This flaw enables attackers to read sensitive information, including data stored in processor caches and memory, potentially exposing the private information of users on the same machine.

The vulnerability arises from Branch Predictor Race Conditions (BPRC), which occur when the CPU switches between prediction work for different users running at different privilege levels. An unprivileged attacker can exploit this race condition to defeat the privilege separation and read confidential data belonging to a privileged user.

Intel has since issued a series of microcode patches to mitigate the risk, but the vulnerability, identified as CVE-2024-45332, remains a critical concern. The CVSS v4 score for this flaw is 5.7, reflecting a moderate to high risk. Intel’s advisory released on May 13 highlights the danger of information leakage due to shared microarchitectural predictor states influencing transient execution in indirect branch predictors for affected processors.

What Undercode Says:

As the Spectre saga continues, this discovery shines a spotlight on the vulnerabilities that persist in Intel's processors despite years of security patches and mitigation efforts. Spectre itself, first disclosed in 2018, exploits speculative execution to leak data across process boundaries. The new BPI vulnerability demonstrates that Spectre's influence has not only remained present but evolved, now affecting all Intel CPUs.

The implications of this vulnerability are particularly concerning given that it can be triggered in multi-user environments. On shared systems, a bad actor can potentially access another user’s data without their knowledge, posing a significant risk to data privacy. Additionally, while Intel has released patches to address the CVE-2024-45332 flaw, it remains clear that Spectre-like vulnerabilities continue to haunt modern processors.

Researchers from Vrije Universiteit Amsterdam have also made breakthroughs in exploiting Spectre v2, with a category of self-training attacks codenamed Training Solo. These exploits can let attackers leak sensitive kernel data at up to 17 Kb/s, effectively breaking domain isolation between user and kernel space and bypassing traditional privilege boundaries. The study found that this technique can reactivate classic Spectre v2 attacks even without the help of in-kernel sandbox environments such as eBPF.

With a growing number of Spectre-related vulnerabilities emerging, such as CVE-2024-28956 and CVE-2025-24495, Intel's efforts to patch these issues, while necessary, might not be enough to fully safeguard systems in the long term. This situation highlights a critical need for ongoing research and stronger architectural security, not only to mitigate current vulnerabilities but also to design CPUs that can withstand future threats.

Furthermore, the role of AMD in the discourse surrounding Spectre vulnerabilities is noteworthy. While Intel pushes forward with patches, AMD has updated its guidance to account for risks associated with Spectre and Meltdown, specifically emphasizing the use of classic Berkeley Packet Filter (cBPF) as a potential attack vector. This shows a collaborative effort within the industry to address these pervasive issues, even if the ultimate solution remains elusive.

Fact Checker Results:

🔍 Confirmed: ETH Zürich’s findings on Branch Privilege Injection (BPI) as a vulnerability affecting all Intel processors are accurate, supported by Intel’s advisory.
🔍 Intel Patches Released: Microcode updates have been rolled out to address CVE-2024-45332, but the vulnerability’s risk remains moderate.
🔍 Spectre’s Evolution: Spectre vulnerabilities, including self-training Spectre v2 attacks, continue to evolve, challenging security solutions.

Prediction:

Looking ahead, it is likely that researchers will continue to find new vulnerabilities in speculative execution, as seen with Spectre and Meltdown. Intel's recent patches are a step in the right direction, but as attackers grow more sophisticated, further hardware- and software-level improvements will be essential. The growing trend of self-training attacks like Training Solo suggests that the need for better isolation techniques and more robust privilege boundaries will only increase. The battle between hardware manufacturers and attackers is far from over, and we can expect further breakthroughs in this area. Additionally, as Intel and AMD push out more patches, the possibility of new Spectre-related vulnerabilities emerging will keep the tech industry on high alert.

References:

Reported By: thehackernews.com