Apple has now revealed that Macbook users are vulnerable to a new GPU vulnerability. The business has announced the discovery of a novel GPU vulnerability in the M2 MacBook Air, which may also affect other Apple devices. A vulnerability named ‘LeftoverLocals’ has been found in GPUs produced by Apple, Qualcomm, AMD, and Imagination. When taken advantage of, this vulnerability enables attackers to access residual data from GPU processing. Apple has confirmed that the vulnerability impacts MacBook Air and iPhone 12 models powered by the M2 chip. However, the latest M3 and A17 processors come with updates to address the LeftoverLocals exploit.
Qualcomm has also issued a firmware patch, allowing its users to promptly apply the patch. However, AMD is now developing a solution for the issue, which is expected to be released in March.
The method employed by hackers to exploit GPU vulnerability is as follows:
“LeftoverLocals significantly affects the overall security of GPU applications, especially LLMs and ML models executed on affected GPU platforms.” Through the retrieval of local memory, specifically an optimized GPU memory region, we have developed a Proof of Concept (PoC) that enables an attacker to eavesdrop on another user’s interactive LLM session, such as llama.cpp, regardless of process or container boundaries.
Also Read How to Delete Dump Files
It is important to note that the vulnerability does not exist in Apple’s M3 CPUs. In late 2024, three new variants of the MacBook Pro were announced. Significantly, Apple made the strategic decision to not simultaneously release a MacBook Air targeted towards consumers, instead prioritizing its stock for the iPhone 15 Pro and 15 Pro Max.