It has been well over three years now since the
Spectre hardware
vulnerabilities were disclosed, but Spectre is truly a gift that keeps on
giving. Writing correct and secure code is hard enough when the hardware
behaves in predictable ways; the problem gets far worse when processors can
do random and crazy things. For an illustration of the challenges
involved, one need look no further than the BPF vulnerability described in
this
advisory, which was fixed in the 5.13-rc7 release.

Source: LWN.net – [$] Spectre revisits BPF