LeftoverLocals
by Phil Tadros
January 16, 2024
2024-01-16 11:58:31
Updates
- 2024-01-16: Preliminary launch
Description
Path of Bits is disclosing LeftoverLocals: a vulnerability that permits knowledge restoration from GPU reminiscence created by one other course of on Apple, Qualcomm, and AMD GPUs. LeftoverLocals impacts the safety posture of GPU purposes, with explicit significance to LLMs and ML fashions that run on impacted GPUs. By recovering native reminiscence – an optimized GPU reminiscence area – we constructed a PoC the place an attacker can pay attention into one other person’s interactive LLM session (e.g., llama.cpp) throughout course of or container boundaries.
Demo
Report
See the total report at our weblog here.
What's Your Reaction?
Excited
0
Happy
0
In Love
0
Not Sure
0
Silly
0