A safety flaw affecting GPUs from 4 {hardware} producers that uncovered artificial intelligence (AI) information was unearthed by safety researchers. The subject impacts a number of units geared up with GPUs from these companies, together with some iPhone, iPad, and Mac computer systems. Hackers can exfiltrate private info getting used in AI operations on the native reminiscence of affected units — together with giant language fashions (LLMs) utilized by companies like Google, Meta, ChatGPT maker OpenAI, and Microsoft utilizing a couple of strains of code, in response to researchers.
Researchers at Trail of Bits uncovered a safety flaw affecting GPUs from AMD, Apple, Imagination, and Qualcomm that has been dubbed LeftoverLocals. This vulnerability is said to the affected machine’s GPU and permits hackers to entry info through native reminiscence created by one other course of. Arm, Intel, and Nvidia GPUs are reportedly unaffected by the identical safety flaw.
In a detailed disclosure printed earlier this week, the researchers spotlight how the safety flaw impacts LLMs and machine studying (ML) fashions which might be run on impacted units. They have been in a position to construct a proof of idea (PoC) of the assault that allowed them to entry info from one other person’s LLM session that was being run in a unique course of.
An illustration of an attacker listening in on an interactive LLM chat session
Photo Credit: Screenshot/ Trail of Bits
Â
By operating a couple of strains of code, a hacker can use the LeftoverLocals safety flaw to reconstruct the LLM response in an interactive session “with high precision”, in response to the researchers. The flaw was found by Tyler Sorensen and is being tracked by CVE-2023-4969.
The researchers state that they reached out to Apple and obtained a response on January 13, whereas the corporate has patched some units with the A17 Pro — that powers the iPhone 15 Pro and 15 Pro Max — and M3 chip collection, however different units haven’t been patched, such because the M2-powered MacE book Air.
Meanwhile, AMD has said continues to be exploring methods to mitigate the safety vulnerability and Qualcomm has issued a patch with its v2.07 firmware that fixes the flaw on some units, whereas others might nonetheless stay impacted. Affected Imagination GPUs have been patched final month as a part of the current DDK 23.3 launch, in response to the researchers.
