Security News > 2024 > January > Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats
Research made public on Tuesday detailed how miscreants can exploit the hole to read data they're not supposed to in a system's local GPU memory.
While the flaw potentially affects all GPU applications on vulnerable chips, it is especially concerning for those processing machine-learning applications because of the amount of data these models process using GPUs, and therefore the amount of potentially sensitive information that could be swiped by exploiting this issue.
The chip house also confirmed that a lot of its products are vulnerable to the memory leak, including multiple versions of its Athlon and Ryzen desktop and mobile processors, Radeon graphics cards, and Radeon and Instinct data center GPUs.
Google pointed out to Trail of Bits that some Imagination GPUs are impacted, and that the processor designer released a fix for its holes last month.
Google is aware of this vulnerability impacting AMD, Apple, and Qualcomm GPUs.
Google has released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs as part of the 120 and 114 releases in the Stable and LTS channels, respectively.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/01/17/leftoverlocals_gpu_flaw/
Related news
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- DuckDuckGo Joins AI Chat, Promises Enhanced Anonymity (source)
- Apple releases iOS 18, with security and privacy improvements (source)
- Two-Thirds of Security Leaders Consider Banning AI-Generated Code, Report Finds (source)
- Security leaders consider banning AI coding due to security risks (source)
- Digital Maturity Key to AI Success in Australian Cyber Security (source)
- HackerOne: Nearly Half of Security Professionals Believe AI Is Risky (source)
- Apple's latest macOS release is breaking security software, network connections (source)
- Generative AI Security: Getting ready for Salesforce Einstein Copilot (source)
- Businesses turn to private AI for enhanced security and data management (source)