One mistake can have devastating consequences

Security researcher Trail of Bits has discovered a vulnerability that can steal “key data” from onboard memory. Graphics processors in all devices (smartphones, PCs, laptops and others) are at risk.

The vulnerability was called “LeftoverLocals” and instead of targeting end-user applications, penetrates GPUs used in companies’ large language models (LLM) and machine learning (ML). This has important implications because training models involve the use of sensitive data.

LeftoverLocals is being tracked by experts at Carnegie Mellon University, who say the information has already been shared by major GPU manufacturers affected by this, including Apple, AMD, Intel, Qualcomm, and Imagination.

LeftoverLocals was found to leak approximately 5.5 megabytes of data per GPU call on the AMD Radeon RX 7900 XT when running a model with seven billion parameters. According to Trail of Bits, the data leak rate is even enough to recreate a complete model, so the vulnerability poses a high risk and could be devastating for some companies, especially those preparing for a Master’s degree.

LeftoverLocals depends on one thing, namely how the GPU isolates its memory; which is completely different from the CPU framework. Thus, an attacker who gains access through the programmable interface can only steal memory data within the GPU.