{"id":45734,"date":"2022-03-15T15:36:33","date_gmt":"2022-03-15T15:36:33","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33211\/Another-Data-Leaking-Spectre-Bug-Found-Smashes-Intel-Arm-Defenses.html"},"modified":"2022-03-15T15:36:33","modified_gmt":"2022-03-15T15:36:33","slug":"another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/","title":{"rendered":"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses"},"content":{"rendered":"<p><span data-label=\"analysis\">Analysis<\/span> Intel this month published an advisory to address a novel Spectre v2 vulnerability in its processors that can be exploited by malware to steal data from memory that should otherwise be off limits.<\/p>\n<p>Arm said a number of its processor cores are also affected by this security flaw, and like Intel, its hardware defenses can&#8217;t block it outright, leaving developers to implement software-level mitigations.<\/p>\n<p>The latest Spectre revival, identified by academics at VU Amsterdam, is known as <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.vusec.net\/projects\/bhi-spectre-bhb\/\">Branch History Injection<\/a> (BHI). Spectre is one of two closely related chip architecture blunders, details of which <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2018\/01\/05\/spectre_flaws_explained\/\" rel=\"noopener\">emerged<\/a> in 2018; the other being Meltdown that <em>The Register<\/em> <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2018\/01\/02\/intel_cpu_design_flaw\/\" rel=\"noopener\">first highlighted<\/a>.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The VU Amsterdam team \u2013 Enrico Barberis, Pietro Frigo, Marius Muench Herbert Bos, and Cristiano Giuffrida \u2013 described BHI [<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/download.vusec.net\/papers\/bhi-spectre-bhb_sec22.pdf\">PDF<\/a>] as a variation of Spectre v2, also known as Branch Target Injection (BTI).<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>What makes BHI noteworthy is that it can bypass recent silicon-level BTI mitigations implemented by Intel (eIBRS, or enhanced Indirect Branch Restricted Speculation) and Arm (CSV2, short for FEAT_CSV2, which separates predictions by context), thus allowing information to leak across privilege boundaries. In other words, a rogue user-level application can use BHI to extract keys and other secrets from OS kernel memory, which should be out of bounds, and the built-in defenses on Intel and Arm-designed CPU cores won&#8217;t work.<\/p>\n<p>Spectre v2\/BTI is exploited by manipulating the indirect branch predictors in an affected processor to speculatively execute &#8220;gadgets&#8221; \u2013 blocks of carefully chosen code \u2013 that gradually leak memory from one part of the system into another. Initially this was addressed through software (retpoline), which slowed things down to a degree, and then hardware (eIBRS and CSV2).<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>However, what the VU boffins recently found was that these hardware fixes fail to address the full scope of the Spectre v2\/BTI attack surface.<\/p>\n<p>The eIBRS and CSV2 defenses reinforce privilege boundaries for transient operations, but they fail to isolate a global branch history buffer that can be used to influence target predictions for indirect branches across privilege boundaries.<\/p>\n<p>&#8220;The hardware mitigations do prevent the unprivileged attacker from injecting predictor entries for the kernel,&#8221; a VU <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.vusec.net\/projects\/bhi-spectre-bhb\/\">blog post<\/a> explains. &#8220;However, the predictor relies on a global history to select the target entries to speculatively execute. And the attacker can poison this history from userland to force the kernel to mispredict to more &#8216;interesting&#8217; kernel targets (i.e., gadgets) that leak data.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The VU team said AMD is not affected by BHI.<\/p>\n<p>As we&#8217;ve noted before with the Spectre and Meltdown family, if malware really wanted to steal information from, say, the kernel it would probably use a privilege-escalation hole in the operating system to achieve this, rather than gradually extract data via the processor&#8217;s inner mechanisms. That said, left unchecked, Spectre might be more widely exploited. In any case, it&#8217;s an interesting consequence of modern CPU pipeline design, in which engineers one way or another prioritized performance over security.<\/p>\n<h3 class=\"crosshead\"> <span>Intel response<\/span><br \/>\n<\/h3>\n<p>With Spectre once again reanimated, Intel responded by <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/03\/09\/microsoft_patch_tuesday\/\" rel=\"noopener\">issuing<\/a> security advisory <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/advisory-guidance\/branch-history-injection.html\">INTEL-SA-00598<\/a>, covering Branch History Injection (CVE-2022-0001) and Intra-mode Branch Target Injection (CVE-2022-0002).<\/p>\n<p>Intel&#8217;s advisory is basically guidance on how to stop known and anticipated exploitation methods for BHI, a promise that future chips will tackle the flaw, and updated technical documentation for programmers:<\/p>\n<p>The advisory lists vulnerable processors; it includes 10th and 11th-generation Core chips.<\/p>\n<h3 class=\"crosshead\"> <span>Intel&#8217;s not done yet<\/span><br \/>\n<\/h3>\n<p>Gelsinger&#8217;s gang took the opportunity to share their own research paper that identified a weakness in AMD&#8217;s original 2018 kernel-level Spectre mitigation. The <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/arxiv.org\/abs\/2203.04277\">paper<\/a>, titled &#8220;You Cannot Always Win the Race: Analyzing the LFENCE\/JMP Mitigation for Branch Target Injection,&#8221; looks at AMD&#8217;s use of LFENCE\/JMP x86 instructions to serialize code execution to protect against speculative-execution side-channel leaks.<\/p>\n<p>The VU BHI research, according to Intel researchers, prompted Intel&#8217;s partners to ask whether AMD&#8217;s LFENCE\/JMP software mitigation for Spectre v2 on x86 processors \u2013 passed over in favor of retpoline and eIBRS on Intel chips, and the default Linux kernel mitigation on AMD systems \u2013 might be a viable option to close the newly discovered BHI security gap on Intel silicon.<\/p>\n<p>According to Intel&#8217;s Alyssa Milburn, Ke Sun, and Henrique Kawakami, that would not be a good option. LFENCE\/JMP &#8220;relies on an inherent race condition, and we show that the remaining window for speculative execution can still allow the transient execution of disclosure gadgets,&#8221; the trio explained in their paper.<\/p>\n<p>In other words, AMD&#8217;s Spectre v2 protection was found by Intel to be inadequate: malware could still infer privileged data on certain AMD systems when the LFENCE\/JMP protection method is in place. This is separate to the BHI issue, which doesn&#8217;t affect AMD, and applies to earlier Spectre v2\/BTI attacks. After being tipped off to this, AMD assigned this oversight <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.amd.com\/en\/corporate\/product-security\/bulletin\/amd-sb-1036\">CVE-2021-26401<\/a>, and submitted patches to the Linux kernel that make retpoline the default BTI defense on AMD processors. Indeed, those patches <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/03\/14\/linux_5_17_rc8\/\" rel=\"noopener\">landed<\/a> in Linux 5.17-rc8 this month.<\/p>\n<p>This switch in default BTI defense <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.phoronix.com\/scan.php?page=article&amp;item=amd-retpoline-2022#=1\">may result<\/a> in a performance hit on AMD CPU cores, depending on the workload and circumstances.<\/p>\n<p>Separately, AMD this month acknowledged security bug CVE-2021-26341 in a bunch of its Ryzen and Epyc processors, and a few other parts, as detailed <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.amd.com\/en\/corporate\/product-security\/bulletin\/amd-sb-1026\">here<\/a> on its official website and <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/grsecurity.net\/amd_branch_mispredictor_part_2_where_no_cpu_has_gone_before\">here in depth<\/a> by Pawel Wieczorkiewicz of Grsecurity.<\/p>\n<p>According to AMD, some of its processors &#8220;may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.&#8221; In order words, another Spectre-like side-channel. The fix for this appears to be updated guidance for software developers, compiler makers, and kernel programmers on how to protect code from snooping.<\/p>\n<h3 class=\"crosshead\"> <span>Meanwhile, in Arm land<\/span><br \/>\n<\/h3>\n<p>In a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/developer.arm.com\/support\/arm-security-updates\/speculative-processor-vulnerability\/spectre-bhb\">blog post<\/a> this month, Arm acknowledged the BHI vulnerability is present in a number of its CPU cores, including its latest Cortex-A and Neoverse cores. Arm dubbed the security hole Spectre-BTB, referring to the processor&#8217;s branch history buffer, and tagged it as CVE-2022-23960. It said its silicon-level CSV2 defense against Spectre v2 cannot stop Spectre-BTB attacks.<\/p>\n<p>&#8220;While Spectre-BHB is similar to Spectre v2, the CSV2 hardware features introduced to mitigate against Spectre v2 do not work against Spectre-BHB,&#8221; Arm explained in its whitepaper [<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/developer.arm.com\/-\/media\/Arm%20Developer%20Community\/PDF\/Security%20Update%2008%20March%202022\/Spectre-BHB%20White%20Paper%20v1.6.pdf\">PDF<\/a>] on the subject.<\/p>\n<p>Arm plans to add a ClearBHB instruction to the Arm architecture to clear the CPU BTB in a way that prevents data from being extracted. &#8220;In addition, future versions of the architecture will require that when taking an exception to a higher exception level, the BHB will be cleared to the extent required to mitigate Spectre-BHB,&#8221; Arm said.<\/p>\n<p>Until that instruction is added, CPU cores can perform a special loop when certain exceptions are raised to discard the branch buffer to avoid exploitation. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33211\/Another-Data-Leaking-Spectre-Bug-Found-Smashes-Intel-Arm-Defenses.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[124],"class_list":["post-45734","post","type-post","status-publish","format-standard","hentry","category-packet-storm","tag-headlineflawintel"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-15T15:36:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses\",\"datePublished\":\"2022-03-15T15:36:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/\"},\"wordCount\":1135,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"keywords\":[\"headline,flaw,intel\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/\",\"name\":\"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2022-03-15T15:36:33+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw,intel\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflawintel\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/","og_locale":"en_US","og_type":"article","og_title":"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-03-15T15:36:33+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses","datePublished":"2022-03-15T15:36:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/"},"wordCount":1135,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","keywords":["headline,flaw,intel"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/","url":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/","name":"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2022-03-15T15:36:33+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YjH5wKsCoN9LctxEoYQSfAAAANU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/another-data-leaking-spectre-bug-found-smashes-intel-arm-defenses\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw,intel","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflawintel\/"},{"@type":"ListItem","position":3,"name":"Another Data Leaking Spectre Bug Found, Smashes Intel, Arm Defenses"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45734","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45734"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45734\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45734"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45734"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45734"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}