EXECUTIVE SUMMARY:
A new vulnerability in all modern Intel CPUs, termed Branch Privilege Injection (BPI), exploits branch predictor race conditions to leak sensitive data across user boundaries. This flaw, identified as CVE-2024-45332, allows unprivileged users to access privileged memory content by manipulating CPU prediction mechanisms. Additionally, VUSec researchers introduced "Training Solo" Spectre v2 variants (CVE-2024-28956 and CVE-2025-24495) that can bypass existing mitigations, leaking kernel memory at rates up to 17 Kb/s. Intel has released microcode updates to address these vulnerabilities, but the findings underscore ongoing challenges in securing speculative execution features in modern processors.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
A new vulnerability in all modern Intel CPUs, termed Branch Privilege Injection (BPI), exploits branch predictor race conditions to leak sensitive data across user boundaries. This flaw, identified as CVE-2024-45332, allows unprivileged users to access privileged memory content by manipulating CPU prediction mechanisms. Additionally, VUSec researchers introduced "Training Solo" Spectre v2 variants (CVE-2024-28956 and CVE-2025-24495) that can bypass existing mitigations, leaking kernel memory at rates up to 17 Kb/s. Intel has released microcode updates to address these vulnerabilities, but the findings underscore ongoing challenges in securing speculative execution features in modern processors.[emaillocker id="1283"]
RECOMMENDATION:
We recommend you to refer to below mention link to apply updates:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01247.html
REFERENCES:
The following reports contain further technical details:
https://thehackernews.com/2025/05/researchers-expose-new-intel-cpu-flaws.html