Branch History Injection. What makes BHI noteworthy is that it can bypass recent silicon-level BTI mitigations implemented by Intel (eIBRS, or enhanced Indirect Branch Restricted Speculation) and Arm, thus allowing information to leak across privilege boundaries. In other words, a rogue user-level application can use BHI to extract keys and other secrets from OS kernel memory, which should be out of bounds, and the built-in defenses on Intel and Arm-designed CPU cores won't work. #cyber #threats #informatique

https://www.theregister.com/2022/03/15/spectre_bti_intel_amd_arm/