Intel is grappling with another major security flaw in its processors... and this time, the cost of fixing it may be very steep. Researchers have discovered a design vulnerability in Intel CPUs over the past decade that covers the ability of ordinary programs to determine the content or layout of protected kernel memory (i.e. areas reserved just for the operating system). While the details appear to be under embargo for now, the fix is to completely separate the kernel memory from those ordinary processes. That could carry a significant speed hit, since it requires switching between two memory address spaces every time there's a system call or a hardware interrupt request.
Source: Python Sweetness (Tumblr), The Register, LKML.org