A security vulnerability that could allow attackers to access sensitive data has been discovered in some Apple silicon GPUs.
A recent investigation by cybersecurity firm Trail of Bits discovered the security flaw, named “LeftoverLocals,” which allows attackers with local access to a device to retrieve data processed in the GPU’s local memory. The issue is particularly concerning because of the expanding use of GPUs in processing Large Language Models (LLMs) for AI applications.
According to the firm, the vulnerability enables an attacker to eavesdrop on another user’s interactive LLM session, potentially accessing sensitive information. Apple told Wired that newer devices with the A17 Pro and M3 chips have received patches to address this flaw, and Trail of Bits found that the third-generation iPad Air had also received a fix.
Most older models with vulnerable GPUs, including the iPhone 12 and M2 MacBook Air, are still vulnerable. While Apple has taken steps to patch certain devices, it remains unclear if and when all impacted models will receive security updates to directly address the problem.
The nature of the LeftoverLocals vulnerability is such that it requires physical access to the device, making remote exploitation highly improbable. As always, Apple encourages users to install the latest available software update to ensure they receive security fixes.Tags: Apple Security, Apple Silicon
This article, “Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air” first appeared on MacRumors.com
Discuss this article in our forums