A recent discovery by security firm Trail of Bits has unveiled a significant vulnerability in Graphic Processing Units (GPUs), raising concerns about their security and potential data leakage. The flaw allows unauthorized access to a computer’s graphics card memory, even if generated by a different program, posing a serious threat to user privacy.
The vulnerability, named ‘LeftoverLocals,’ exposes GPUs from major manufacturers such as Apple, Qualcomm, AMD, and Imagination. This flaw enables attackers to intercept and retrieve data ranging from 5 to 180 megabytes, a notable scale in contrast to the CPU domain where the exposure of even a single bit is considered substantial.
The security risk becomes evident in scenarios where an attacker could eavesdrop on a user’s activities on their computer, exploiting the vulnerability to monitor interactive sessions across different programs or containers. Trail of Bits demonstrated the issue with an example where an attacker quickly retrieves extensive information from a program, showcasing the potential impact of the vulnerability.
The vulnerability necessitates a pre-existing level of control over the target computer by malicious actors. By leveraging LeftoverLocals, attackers can circumvent established protections that typically prevent users from accessing each other’s data on shared resources.
Upon notifying the affected companies, Apple took steps to patch some devices, although certain products, such as the MacBook Air, still remain susceptible. AMD acknowledged the issue and is actively seeking solutions, while Qualcomm has provided patches for some devices, leaving uncertainty regarding others. Google confirmed vulnerabilities in some Imagination GPUs and reported that fixes were implemented in Imagination’s DDK release 23.3 in December 2023.
Despite the responsive actions from some manufacturers, the incident underscores the unknown security risks within the Machine Learning development stack, emphasizing the importance of rigorous security reviews by experts. The blog post also emphasizes the urgency of strengthening the entire GPU system, outlining clear and robust rules governing GPU program behavior and their interaction with the broader computer system. As GPUs are increasingly utilized in diverse applications, including those involving sensitive information, enhancing their security is crucial to safeguard user privacy.
