LeftoverLocals GPU Flaw Exposes AI Data in Devices Equipped with Apple, AMD, and Qualcomm Hardware
LeftoverLocals does not impact GPUs from Arm, Nvidia, and Intel, according to the security researchers who uncovered the flaw.
A security flaw affecting GPUs from four hardware manufacturers that exposed artificial intelligence (AI) data was unearthed by security researchers. The issue impacts several devices equipped with GPUs from these firms, including some iPhone, iPad, and Mac computers. Hackers can exfiltrate personal information being used in AI operations on the local memory of affected devices — including large language models (LLMs) used by services like Google, Meta, ChatGPT maker OpenAI, and Microsoft using a few lines of code, according to researchers.
Researchers at Trail of Bits uncovered a security flaw affecting GPUs from AMD, Apple, Imagination, and Qualcomm that has been dubbed LeftoverLocals. This vulnerability is related to the affected device’s GPU and allows hackers to access information via local memory created by another process. Arm, Intel, and Nvidia GPUs are reportedly unaffected by the same security flaw.
In a detailed disclosure published earlier this week, the researchers highlight how the security flaw affects LLMs and machine learning (ML) models that are run on impacted devices. They were able to build a proof of concept (PoC) of the attack that allowed them to access information from another user’s LLM session that was being run in a different process.
A security flaw known as LeftoverLocals has been discovered, affecting GPUs in devices equipped with Apple, AMD, and Qualcomm hardware. This flaw allows a hacker to use a few lines of code to reconstruct the Local Learning Model (LLM) response in an interactive session with high precision. The researchers who uncovered the flaw have reported it to Apple, and while some devices have been patched, others remain vulnerable. AMD is exploring ways to mitigate the vulnerability, and Qualcomm has issued a patch for some devices. The affected Imagination GPUs have been patched in a recent release.