The "Retbleed" speculative execution vulnerabilities

Some researchers at ETH Zurich have disclosed a
new set of speculative-execution vulnerabilities known as 'Retbleed'. In
short, the retpoline defenses added when Spectre was initially disclosed
turn out to be insufficient on x86 machines because return instructions,
too, can be speculatively executed.

​Kernel and hypervisor developers have developed mitigations in
coordination with Intel and AMD. Mitigating Retbleed in the Linux
kernel required a substantial effort, involving changes to 68
files, 1783 new lines and 387 removed lines. Our performance
evaluation shows that mitigating Retbleed has unfortunately turned
out to be expensive: we have measured between 14% and 39% overhead
with the AMD and Intel patches respectively.

Those mitigations were pulled into the mainline
kernel today. They are
not in the July 12 stable kernel
updates but will almost certainly show up in those channels soon.