Security News > 2024 > January > Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats
Research made public on Tuesday detailed how miscreants can exploit the hole to read data they're not supposed to in a system's local GPU memory.
While the flaw potentially affects all GPU applications on vulnerable chips, it is especially concerning for those processing machine-learning applications because of the amount of data these models process using GPUs, and therefore the amount of potentially sensitive information that could be swiped by exploiting this issue.
The chip house also confirmed that a lot of its products are vulnerable to the memory leak, including multiple versions of its Athlon and Ryzen desktop and mobile processors, Radeon graphics cards, and Radeon and Instinct data center GPUs.
Google pointed out to Trail of Bits that some Imagination GPUs are impacted, and that the processor designer released a fix for its holes last month.
Google is aware of this vulnerability impacting AMD, Apple, and Qualcomm GPUs.
Google has released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs as part of the 120 and 114 releases in the Stable and LTS channels, respectively.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/01/17/leftoverlocals_gpu_flaw/
Related news
- Best of KB4-CON 2024: The State of Phishing, Hacking and Security Awareness Training (source)
- Today’s biggest AI security challenges (source)
- Leveraging AI and automation for enhanced cloud communication security (source)
- AI and the future of corporate security (source)
- In the rush to build AI apps, please, please don't leave security behind (source)
- Generative AI Security - Secure Your Business in a World Powered by LLMs (source)
- GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws (source)
- U.S. Justice Department Sues Apple Over Monopoly and Messaging Security (source)
- GoFetch security exploit can't be disabled on M1 and M2 Apple chips (source)
- Enterprises increasingly block AI transactions over security concerns (source)