A safety flaw affecting GPUs from 4 {hardware} producers that uncovered artificial intelligence (AI) information was unearthed by safety researchers. The problem impacts a number of gadgets outfitted with GPUs from these companies, together with some iPhone, iPad, and Mac computer systems. Hackers can exfiltrate private info being utilized in AI operations on the native reminiscence of affected gadgets — together with giant language fashions (LLMs) utilized by providers like Google, Meta, ChatGPT maker OpenAI, and Microsoft utilizing a couple of traces of code, based on researchers.
Researchers at Path of Bits uncovered a safety flaw affecting GPUs from AMD, Apple, Imagination, and Qualcomm that has been dubbed LeftoverLocals. This vulnerability is said to the affected gadget’s GPU and permits hackers to entry info through native reminiscence created by one other course of. Arm, Intel, and Nvidia GPUs are reportedly unaffected by the identical safety flaw.
In a detailed disclosure revealed earlier this week, the researchers spotlight how the safety flaw impacts LLMs and machine studying (ML) fashions which might be run on impacted gadgets. They have been capable of construct a proof of idea (PoC) of the assault that allowed them to entry info from one other person’s LLM session that was being run in a distinct course of.
An illustration of an attacker listening in on an interactive LLM chat session
Photograph Credit score: Screenshot/ Path of Bits
By operating a couple of traces of code, a hacker can use the LeftoverLocals safety flaw to reconstruct the LLM response in an interactive session “with excessive precision”, based on the researchers. The flaw was found by Tyler Sorensen and is being tracked by CVE-2023-4969.
The researchers state that they reached out to Apple and acquired a response on January 13, whereas the corporate has patched some gadgets with the A17 Professional — that powers the iPhone 15 Pro and 15 Pro Max — and M3 chip collection, however different gadgets haven’t been patched, such because the M2-powered MacBook Air.
In the meantime, AMD has stated continues to be exploring methods to mitigate the safety vulnerability and Qualcomm has issued a patch with its v2.07 firmware that fixes the flaw on some gadgets, whereas others might nonetheless stay impacted. Affected Creativeness GPUs have been patched final month as a part of the latest DDK 23.3 launch, based on the researchers.
About The Author
