Jump to content
  • Sign Up
×
×
  • Create New...

LeftoverLocals GPU Flaw Exposes AI Data in Devices Equipped with Apple, AMD, and Qualcomm Hardware


Recommended Posts

  • Diamond Member

LeftoverLocals GPU Flaw Exposes AI Data in Devices Equipped with Apple, AMD, and Qualcomm Hardware

A security flaw affecting GPUs from four hardware manufacturers that exposed artificial intelligence (AI) data was unearthed by security researchers. The issue impacts several devices equipped with GPUs from these firms, including some iPhone, iPad, and Mac computers. Hackers can exfiltrate personal information being used in AI operations on the local memory of affected devices — including large language models (LLMs) used by services like

This is the hidden content, please
, Meta, ChatGPT maker OpenAI, and
This is the hidden content, please
using a few lines of code, according to researchers.

Researchers at Trail of Bits uncovered a security flaw affecting GPUs from AMD, Apple, Imagination, and Qualcomm that has been dubbed LeftoverLocals. This vulnerability is related to the affected device’s GPU and allows hackers to access information via local memory created by another process. Arm, Intel, and Nvidia GPUs are reportedly unaffected by the same security flaw.

In a

This is the hidden content, please
published earlier this week, the researchers highlight how the security flaw affects LLMs and machine learning (ML) models that are run on impacted devices. They were able to build a proof of concept (PoC) of the ******* that allowed them to access information from another user’s LLM session that was being run in a different process.

A demonstration of an attacker listening in on an interactive LLM chat session
Photo Credit: Screenshot/ Trail of Bits

 

By running a few lines of code, a hacker can use the LeftoverLocals security flaw to reconstruct the LLM response in an interactive session “with high precision”, according to the researchers. The flaw was discovered by Tyler Sorensen and is being tracked by

This is the hidden content, please
.

The researchers state that they reached out to Apple and received a response on January 13, while the company has patched some devices with the A17 Pro — that powers the iPhone 15 Pro and 15 Pro Max — and M3 chip series, but other devices have not been patched, such as the M2-powered MacBook Air.

Meanwhile, AMD has

This is the hidden content, please
is still exploring ways to mitigate the security vulnerability and Qualcomm has issued a patch with its v2.07 firmware that fixes the flaw on some devices, while others could still remain impacted. Affected Imagination GPUs were patched last month as part of the recent DDK 23.3 release, according to the researchers.


Affiliate links may be automatically generated – see our ethics statement for details.



This is the hidden content, please

gpu security flaw leftoverlocals apple amd qualcomm imagination leftoverlocals,gpus,security flaws,vulnerabilities,apple,amd,qualcomm,imagination,ai,artificial intelligence
#LeftoverLocals #GPU #Flaw #Exposes #Data #Devices #Equipped #Apple #AMD #Qualcomm #Hardware

This is the hidden content, please

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.