Attackers Could Eavesdrop on AI Conversations on Apple, AMD, Imagination and Qualcomm GPUs

2024-01-18 19:00

Researchers at cybersecurity research and consulting firm Trail of Bits have discovered a vulnerability that could allow attackers to read GPU local memory from affected Apple, Qualcomm, AMD and Imagination GPUs.

In particular, the vulnerability-which the researchers named LeftoverLocals-can access conversations performed with large language models and machine learning models on affected GPUs.

Which GPUs are affected by the LeftoverLocals vulnerability, and what has been patched?

Put simply, it's possible to use a GPU memory region called local memory to connect two GPU kernels together, even if the two kernels aren't on the same application or used by the same person.

The attacker can use GPU compute applications such as OpenCL, Vulkan or Metal to write a GPU kernel that dumps uninitialized local memory into the target device.

CPUs typically isolate memory in a way that it wouldn't be possible to use an exploit like this; GPUs sometimes do not.

News URL

https://www.techrepublic.com/article/leftoverlocals-vulnerability-apple-amd-imagination-qualcomm/

#AI #AMD #apple #GPU #qualcomm

Related vendor

VENDOR	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apple	135	564	4101	1567	2438	8670
Qualcomm	2172	99	453	861	438	1851
AMD	746	28	115	79	22	244