Full Report
A new "Branch Privilege Injection" flaw in all modern Intel CPUs allows attackers to leak sensitive data from memory regions allocated to privileged software like the operating system kernel. [...]
Analysis Summary
# Vulnerability: Intel CPU Branch Privilege Injection Flaw Leaks Sensitive Data
## CVE Details
- CVE ID: CVE-2024-45332
- CVSS Score: N/A (Severity not explicitly stated numerically, but implied high due to sensitive data leakage and recent disclosure)
- CWE: N/A (Specific CWE not provided in the summary)
## Affected Systems
- Products: Intel Processors (9th Generation onward: Coffee Lake, Comet Lake, Rocket Lake, Alder Lake, Raptor Lake). Processors as far back as 7th generation (Kaby Lake) may exhibit related prediction bypass behavior but are less vulnerable to this specific exploit due to missing eIBRS support.
- Versions: All Intel CPUs starting from 9th generation.
- Configurations: Theoretically exploitable on Linux; because the flaw is in the hardware, it is theoretically exploitable on Windows as well.
## Vulnerability Description
This vulnerability, dubbed "Branch Privilege Injection," stems from asynchronous branch predictor behavior in modern Intel microprocessors. It allows an attacker context to speculate on branch instructions and leak sensitive data from privileged memory regions (such as kernel memory or data belonging to other processes) by measuring timing differences in branch predictions. The demonstrated leak rate peaked at 5.6 KB/sec with 99.8% accuracy.
## Exploitation
- Status: Not publicly described as exploited in the wild; PoC developed by researchers (ETH Zurich).
- Complexity: Medium (Implied by the need for multiple strong prerequisites for realistic scenarios).
- Attack Vector: Likely Local (though not explicitly stated, side-channel attacks often require some form of local execution context).
## Impact
- Confidentiality: High (Leakage of sensitive data from privileged memory).
- Integrity: Low/Medium (Direct impact is data leakage, not data modification, but bypassing isolation mechanisms is severe).
- Availability: Low (No direct mention of service disruption, but mitigation may cause performance overhead).
## Remediation
### Patches
- Intel has released **microcode updates** to mitigate CVE-2024-45332 on impacted models.
- Users should apply the latest **BIOS/UEFI** updates provided by their system vendor incorporating these microcode fixes.
### Workarounds
- Applying **OS updates** is also recommended as part of the mitigation strategy.
- Firmware-level mitigations introduce a **2.7% performance overhead**.
- Software mitigations introduce a performance impact between **1.6% and 8.3%**.
## Detection
- Detection methods are not explicitly detailed, but users should monitor for vendor security advisories related to CPU microcode updates.
- Indicators of compromise are not listed, but suspicious high-frequency CPU-bound activity related to side-channel timing might be relevant in advanced monitoring.
## References
- [ETH Zurich technical paper presentation at USENIX Security 2025](https://www.usenix.org/conference/usenixsecurity25)
- [BleepingComputer News Article](https://www.bleepingcomputer.com/news/security/new-intel-cpu-flaws-leak-sensitive-data-from-privileged-memory/)