Trail of Bits security firm says processes used by Apple, ARM, Qualcomm and others can open up local memory
The rush to adopt Generative AI (GenAI) and other kinds of AI is inadvertently opening up a vulnerability through major brands’ use of graphics processing units (GPUs). It includes Apple, Qualcomm, AMD and Imagination chips in the list of companies whose products have this potential vulnerability.
Companies are turning to GPUs to supply the compute power they need to run large language models (LLMs) which are all about speed and huge scale, and other machine learning models.
Listening in
The Trail of Bits Blog published research which disclosed LeftoverLocals. This is a vulnerability that enables the recovery of data from GPUs’ local memory due to processes carried out the companies listed above and others.
Trail of Bits security firm said it built a proof of concept by which an attacker could listen into an interactive LLM session across process or container boundaries. See the blog for more technical details.
Note that to exploit the vulnerability, attackers would already need to have some access to their targets’ devices. On the other hand, establishing access to target devices is necessary for many common types of attacks and it is common practice for hackers to chain multiple vulnerabilities together.
Taking action
Chip makers have spent a fortune and years constantly improving the security of central processing units or CPUs – although not always enjoying 100% success – Meltdown, Spectre and Downfall, anybody? They don’t leak even when optimised for speed. GPUs, on the other hand, were created to provide raw processing power, primarily for the gaming industry.
Trail of Bits says as GPUs are more widely used, this is an increasingly urgent concern.
WIRED cited a spokesperson for Qualcomm saying the company is working on providing security updates to all customers and has realised firmware patches for the vulnerability.
AMD is on the case too and Google said in a statement that it “is aware of this vulnerability impacting AMD, Apple, and Qualcomm GPUs. Google has released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs.”
The Trail of Bits researchers warn that the device makers incorporate vulnerable chips into PCs and other devices have to package the patches and send them to end users. Something of a nightmare given the size and complexity of the global ecosystem.