A Flaw In Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data

Researchers from New York-based security firm Trail of Bits have discovered a vulnerability in multiple brands and models of graphics processing unit (GPU) chips, including those made by Apple, Qualcomm, and AMD. The vulnerability, named LeftoverLocals, could allow an attacker to steal large quantities of data from a GPU's memory. The researchers note that while CPUs have been designed with data privacy as a priority, GPUs, which were designed for raw graphics processing power, have not been architected to the same degree with data privacy in mind.

Apple, Qualcomm, and AMD have all confirmed that they are impacted by the LeftoverLocals vulnerability. Apple has shipped fixes with its latest M3 and A17 processors, but the vulnerability is still present in millions of existing devices that depend on previous generations of Apple silicon. Qualcomm is in the process of providing security updates to its customers, and AMD plans to offer fixes for LeftoverLocals in March. Google has also released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs.

Key takeaways:

Researchers have discovered a vulnerability in multiple brands and models of mainstream GPUs, including Apple, Qualcomm, and AMD chips, that could allow an attacker to steal large quantities of data from a GPU's memory.
The vulnerability, called LeftoverLocals, requires some level of operating system access on a target's device and can break down data silos, potentially exposing sensitive data.
Apple, Qualcomm, and AMD have all confirmed the vulnerability. Apple has shipped fixes with its latest M3 and A17 processors, Qualcomm is in the process of providing security updates, and AMD plans to offer fixes in March.
Google has also released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs.

A Flaw In Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data - Slashdot

Key takeaways:

Comments (0)

Newsletter