Transient execution CPU vulnerability

However, this speculative execution may affect the state of certain components of the microprocessor, such as the cache, and this effect may be discovered by careful monitoring of the timing of subsequent operations.

Several procedures to help protect home computers and related devices from the Spectre and Meltdown security vulnerabilities have been published.
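On Linux, the kernel reports the mitigation state for each known transient-execution issue under `/sys/devices/system/cpu/vulnerabilities`. The following is an added example, not part of the original article, that reads and classifies those entries. The status strings in `SAMPLE` are constructed, and the names `classify`, `read_statuses` and `needs_attention` are hypothetical helpers.

```python
from pathlib import Path

# Real Linux sysfs directory: one file per known transient-execution issue.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# Constructed sample (not captured from a real machine), used when sysfs is absent.
SAMPLE = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: usercopy/swapgs barriers and __user pointer sanitization",
    "spectre_v2": "Mitigation: Retpolines; IBPB: conditional; STIBP: disabled; RSB filling",
    "mds": "Mitigation: Clear CPU buffers; SMT vulnerable",
    "mmio_stale_data": "Unknown: No mitigations",
    "reg_file_data_sampling": "Vulnerable: No microcode",
}

def classify(status: str) -> str:
    """Map a kernel status string to a coarse state."""
    s = status.strip()
    if s.startswith("KVM: "):            # itlb_multihit prefixes its status
        s = s[len("KVM: "):]
    if s == "Not affected":
        return "not_affected"
    if s.startswith("Mitigation"):
        # e.g. "...; SMT vulnerable": the mitigation is active but incomplete
        return "partial" if "vulnerable" in s.lower() else "mitigated"
    if s.startswith("Vulnerable") or s == "Processor vulnerable":
        return "vulnerable"
    return "unknown"                      # includes "Unknown: ..." entries

def read_statuses(directory: Path = SYSFS_DIR) -> dict:
    """Read every status file; fall back to the constructed sample."""
    if not directory.is_dir():
        return dict(SAMPLE)
    return {p.name: p.read_text().strip()
            for p in sorted(directory.iterdir()) if p.is_file()}

def needs_attention(statuses: dict) -> list:
    """Names whose state is anything other than mitigated or not affected."""
    ok = {"mitigated", "not_affected"}
    return sorted(n for n, s in statuses.items() if classify(s) not in ok)

if __name__ == "__main__":
    statuses = read_statuses()
    for name in sorted(statuses):
        print(f"{name:26} {classify(statuses[name]):13} {statuses[name]}")
    print("review:", ", ".join(needs_attention(statuses)) or "none")
```

A "partial" result usually means the remaining exposure depends on whether SMT stays enabled, which is a policy decision for the host rather than something a microcode or kernel update resolves.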

[25][26] On January 18, 2019, Intel disclosed three new vulnerabilities affecting all Intel CPUs, named "Fallout", "RIDL", and "ZombieLoad", allowing a program to read information recently written, read data in the line-fill buffers and load ports, and leak information from other processes and virtual machines.

[16] This newly found flaw is not fixable with a firmware update, and affects nearly "all Intel chips released in the past five years".

[32] In June 2021, two new vulnerabilities, Speculative Code Store Bypass (SCSB, CVE-2021-0086) and Floating Point Value Injection (FPVI, CVE-2021-0089), affecting all modern x86-64 CPUs from both Intel and AMD, were discovered.

[34] Also in June 2021, MIT researchers revealed the PACMAN attack on Pointer Authentication Codes (PAC) in ARM v8.3A.

In October 2021, for the first time ever, a vulnerability similar to Meltdown was disclosed[42][43] as affecting all AMD CPUs; however, the company does not think any new mitigations have to be applied and considers the existing ones already sufficient.

[49][50] In June 2022, multiple Intel CPU MMIO vulnerabilities related to execution in virtual environments were announced.

[53] According to a Phoronix review released in October 2022, Zen 4/Ryzen 7000 CPUs are not slowed down by mitigations; in fact, disabling them leads to a performance loss.

[54][55] In February 2023, a vulnerability affecting a wide range of AMD CPU architectures, called "Cross-Thread Return Address Predictions", was disclosed.

The SLAM[66][67][68][69] vulnerability (Spectre based on Linear Address Masking), reported in 2023, has neither received a corresponding CVE nor been confirmed or mitigated against.

AMD dismissed the vulnerability (calling it "Speculative Race Conditions (SRCs)"), claiming that existing mitigations were enough.

[73] Also in March 2024, a vulnerability in Intel Atom processors called Register File Data Sampling (RFDS) was revealed.

[75] In April 2024, it was revealed that the BHI vulnerability in certain Intel CPU families could still be exploited in Linux entirely in user space, without using any kernel features or root access, despite existing mitigations.

[80][81][82][83] Researchers from VUSec previously revealed that ARM's Memory Tagging Extension is vulnerable to speculative probing.

[90][91][92] Spectre-class vulnerabilities will remain unfixed because otherwise CPU designers would have to disable speculative execution, which would entail a massive performance loss.