This work exposes undocumented security vulnerabilities in modern out-of-order CPU branch prediction units (BPUs), arising from resource sharing between “bias-free prediction” and “branch history speculation” mechanisms. Their implicit updates to the Branch History Buffer (BHB) can be manipulated across privilege boundaries, enabling controllable mispredictions and history injection—establishing a novel cross-privilege side-channel attack surface, termed Branch History Injection (BHI). Methodologically, the study combines microarchitectural reverse engineering, BPU behavioral modeling, and Spectre variant construction to systematically identify vulnerable control-flow patterns. It introduces three new attack primitives—Spectre-BSE, Spectre-BHS, and BiasScope—and implements Chimera, the first eBPF-driven kernel memory leakage prototype, achieving a stable exfiltration rate of 24,628 bit/s on mainstream processors. The work advances understanding of BPU trust boundaries and calls for fundamental reevaluation of hardware-enforced BPU isolation mechanisms.

Modern out-of-order CPUs heavily rely on speculative execution for performance optimization, with branch prediction serving as a cornerstone to minimize stalls and maximize efficiency. Whenever shared branch prediction resources lack proper isolation and sanitization methods, they may originate security vulnerabilities that expose sensitive data across different software contexts. This paper examines the fundamental components of modern Branch Prediction Units (BPUs) and investigates how resource sharing and contention affect two widely implemented but underdocumented features: Bias-Free Branch Prediction and Branch History Speculation. Our analysis demonstrates that these BPU features, while designed to enhance speculative execution efficiency through more accurate branch histories, can also introduce significant security risks. We show that these features can inadvertently modify the Branch History Buffer (BHB) update behavior and create new primitives that trigger malicious mis-speculations. This discovery exposes previously unknown cross-privilege attack surfaces for Branch History Injection (BHI). Based on these findings, we present three novel attack primitives: two Spectre attacks, namely Spectre-BSE and Spectre-BHS, and a cross-privilege control flow side-channel attack called BiasScope. Our research identifies corresponding patterns of vulnerable control flows and demonstrates exploitation on multiple processors. Finally, Chimera is presented: an attack demonstrator based on eBPF for a variant of Spectre-BHS that is capable of leaking kernel memory contents at 24,628 bit/s.