Researchers identified a security flaw affecting GPUs used in certain Apple devices that could allow hackers to access sensitive data stored on these devices, including AI information used in various services. The vulnerability, dubbed LeftoverLocals, affects devices with GPUs from AMD, Apple, Imagination, and Qualcomm.
Trail of Bits discovered LeftoverLocals, which allows hackers to access data through local memory created by a different process. This poses a significant risk to users’ personal information, as demonstrated by researchers who were able to access another user’s LLM session using a simple attack.
The flaw, discovered by Tyler Sorensen, is being tracked under CVE-2023-4969. While Apple has patched some devices, like the iPhone 15 Pro and 15 Pro Max, using the A17 Pro and M3 chip series, other devices, such as the M2-powered MacBook Air, remain unpatched. AMD is still exploring ways to mitigate the vulnerability, and Qualcomm has issued a patch for some devices but others could still be affected. Affected Imagination GPUs were patched last month as part of the recent DDK 23.3 release, according to the researchers.
For more information, check out this detailed disclosure by Trail of Bits. Additionally, visit our ethics statement for more details.
In conclusion, the recent discovery of a GPU flaw that exposes AI data in devices with Apple, AMD, and Qualcomm hardware highlights the ongoing challenges and vulnerabilities in the field of artificial intelligence and technology. While these companies have been swift to address the issue and provide updates to mitigate the risks, it serves as a reminder of the importance of robust security measures and ongoing vigilance in the development and deployment of AI systems. As technology continues to advance, it is crucial for companies to prioritize the protection of sensitive data and work towards ensuring the safety and integrity of AI applications in various devices.