Alessio Vantaggi
Study and detection of Spectre vulnerabilities in eBPF C code.
Supervisors: Riccardo Sisto, Rosario Rizza. Politecnico di Torino, Master's degree course in Computer Engineering (Ingegneria Informatica), 2026
License: Creative Commons Attribution Non-commercial No Derivatives.
Abstract
The Extended Berkeley Packet Filter (eBPF) is a revolutionary technology introduced in the Linux kernel that enables the execution of sandboxed programs in a privileged context, allowing the operating system to be dynamically extended without modifying its source code. Due to its efficiency and flexibility, eBPF is widely adopted for high-performance networking, deep system observability, and real-time security enforcement with minimal overhead. However, executing user-defined code in kernel space introduces significant security issues, including the risk of memory corruption, sensitive data loss, and potential system instability. In particular, eBPF programs are subject to Spectre, a class of speculative execution hardware vulnerabilities that exploit the microarchitectural side channels of modern CPUs to leak sensitive information.
The aim of the thesis is to analyze the security status of eBPF with respect to Spectre attacks by developing proof-of-concept exploits in C that demonstrate feasible attack scenarios
