CVE-2024-45332: 
Linux Debian vulnerability analysis and mitigation

Branch Privilege Injection (CVE-2024-45332) is a hardware vulnerability discovered in Intel CPUs that allows attackers to leak sensitive data from privileged memory regions. The vulnerability affects all Intel processors from the 9th generation onward, including Coffee Lake, Comet Lake, Rocket Lake, Alder Lake, and Raptor Lake. It was discovered by researchers at ETH Zurich and disclosed in May 2025 (ETH Research, BleepingComputer).

The vulnerability is caused by a race condition in the branch predictor subsystem where predictor updates are not synchronized with instruction execution. This asynchronous behavior allows updates to traverse privilege boundaries, creating a window of opportunity during which updates can be associated with the wrong privilege level. The flaw effectively bypasses Intel's Spectre v2 mitigations, including enhanced Indirect Branch Restricted Speculation (eIBRS) and Indirect Branch Prediction Barrier (IBPB). The exploit can achieve peak leak rates of 5.6 KB/sec at 99.8% accuracy (ETH Research, BleepingComputer).

The vulnerability allows authenticated users to potentially enable information disclosure via local access, specifically leaking sensitive data from privileged memory regions. These regions typically contain critical information such as passwords, cryptographic keys, memory of other processes, and kernel data structures. While the attack was demonstrated on Linux, the flaw exists at the hardware level and is theoretically exploitable on Windows as well (BleepingComputer).

Intel has released microcode updates to mitigate CVE-2024-45332 on affected processors. The firmware-level mitigations introduce a 2.7% performance overhead, while software mitigations have a performance impact between 1.6% and 8.3%, depending on the CPU. Users are recommended to apply the latest BIOS/UEFI and OS updates (BleepingComputer).

Intel acknowledged the research and stated: 'We appreciate the work done by ETH Zurich on this research and collaboration on coordinated public disclosure. Intel is strengthening its Spectre v2 hardware mitigations and recommends customers contact their system manufacturer for the appropriate update. To date, Intel is not aware of any real-world exploits of transient execution vulnerabilities.' (BleepingComputer).