[1][4] The vulnerability is caused by a combination of flaws in the speculative execution technology present within the affected CPUs[1] and how certain operating systems handle context switching on the floating point unit (FPU).
[1][a] Besides being used for floating point arithmetic, the FPU registers are also used for other purposes, including for storing cryptographic data when using the AES instruction set, present in many Intel CPUs.
Rather than storing the full state during a context switch, the operating system can simply mark the FPU "not available" in the hopes that the switched-to task will not need it.
It is possible to mitigate the vulnerability at the operating system and hypervisor levels by always restoring the FPU state when switching process contexts.
[3] Also, many system software vendors and projects, including Linux distributions,[7] OpenBSD,[8] and Xen[4] have released patches to address the vulnerability.