This new attack is deliberate, rather than accidental, and very explicit, being wired to to the protected-mode bit. It points the way to even more subtle attacks, perhaps something that misbehaves slightly as power management is bringing some part of the CPU up or down. Maybe slightly more capacitance somewhere, so that right after a core comes out of power save, for the first few cycles some part of the protection hardware doesn't work right.
That already happens in embedded systems (esp MCU's) in a different way. You're thinking on the right track. All I can say.