Arm Cortex-A72, Cortex-A73, and Cortex-A75 Spectre-BSE Vulnerability Allowing Weak Control Over Branch History

Vulnerability

A vulnerability known as Spectre-BSE (Branch Status Eviction) has been identified in Arm Cortex-A72 (revisions prior to r1p0), Cortex-A73, and Cortex-A75. This issue may allow an adversary to gain a weak form of control over the victim's branch history, despite existing protections. To exploit it, the adversary must first find an exploitable leak gadget, have control over the relevant registers, and keep the manipulated branch predictor state unchanged between the priming and exploitation phases.

Impact

Exploitation of this vulnerability could lead to unauthorized manipulation of branch prediction, potentially allowing for speculative execution attacks that could bypass security boundaries or access sensitive data.

Remediation

For Cortex-A72 (revisions prior to r1p0), the MMU can be disabled and re-enabled at the highest implemented exception level to mitigate the issue. For Cortex-A73 and Cortex-A75, the BPIALL instruction may be used to invalidate all entries from the branch predictor. These mitigations are only available at high exception levels, but devices with compatible firmware, such as Trusted Firmware-A, can use specific architecture workaround calls to apply them. Additionally, the Linux kernel has already implemented these workarounds for Cortex-A73 and Cortex-A75, so devices running up-to-date versions of Trusted Firmware-A and Linux are protected against this vulnerability.
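
To find which cores in a fleet fall under the affected list above, the following added example (not from the advisory or from Arm) flags Cortex-A72 before r1p0, Cortex-A73 and Cortex-A75 in /proc/cpuinfo text. The MIDR part numbers, the arm64 cpuinfo field layout and the SAMPLE data are assumptions of the example and do not appear on this page.

```python
import re

ARM = 0x41  # MIDR implementer code for Arm Ltd.
# MIDR part numbers of the cores named in the advisory.
PARTS = {0xD08: "Cortex-A72", 0xD09: "Cortex-A73", 0xD0A: "Cortex-A75"}

# Constructed sample in arm64 /proc/cpuinfo layout (not from a real device).
SAMPLE = """\
processor\t: 0
CPU implementer\t: 0x41
CPU variant\t: 0x0
CPU part\t: 0xd08
CPU revision\t: 3

processor\t: 1
CPU implementer\t: 0x41
CPU variant\t: 0x1
CPU part\t: 0xd08
CPU revision\t: 0

processor\t: 2
CPU implementer\t: 0x41
CPU variant\t: 0x2
CPU part\t: 0xd0a
CPU revision\t: 1
"""

def affected_cores(cpuinfo_text):
    """Return (cpu index, core name, 'rNpM') for each core the advisory lists."""
    hits = []
    for stanza in re.split(r"\n\s*\n", cpuinfo_text.strip()):
        f = dict((k.strip(), v.strip()) for k, _, v in
                 (line.partition(":") for line in stanza.splitlines()))
        if "processor" not in f or "CPU part" not in f:
            continue  # trailing Hardware/Model stanza or non-Arm layout
        name = PARTS.get(int(f["CPU part"], 16))
        if int(f.get("CPU implementer", "0"), 16) != ARM or name is None:
            continue
        variant = int(f.get("CPU variant", "0"), 16)  # N in rNpM
        revision = int(f.get("CPU revision", "0"))    # M in rNpM
        # Per the advisory, Cortex-A72 is affected only before r1p0.
        if name == "Cortex-A72" and variant >= 1:
            continue
        hits.append((int(f["processor"]), name, f"r{variant}p{revision}"))
    return hits

if __name__ == "__main__":
    print(affected_cores(SAMPLE))
```

A match identifies affected hardware only; it does not show whether the firmware or kernel workaround is active on that device.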

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 7.5
exploitability: 2.9
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.