Apple has confirmed that a new GPU vulnerability is present in the M2 MacBook Air, and could be present in other Apple devices.

The vulnerability, named LeftoverLocals, has been found in GPUs made by Apple, Qualcomm, AMD and Imagination. When exploited successfully, it lets attackers read data left over from GPU processing. The researchers demonstrated the technique against an AI chatbot query:

“LeftoverLocals impacts the security posture of GPU applications as a whole, with particular significance to LLMs and ML models run on impacted GPU platforms. By recovering local memory—an optimized GPU memory region—we were able to build a PoC where an attacker can listen into another user’s interactive LLM session (e.g., llama.cpp) across process or container boundaries…”

Qualcomm has released a firmware patch and is encouraging its users to apply it as soon as possible. AMD is working on its own fix, which is expected in March.

Apple has confirmed that fixes for the LeftoverLocals attack shipped in the latest M3 and A17 processors, launched in the second half of 2023 in the iPhone 17 Pro smartphones and new MacBook Pro laptops; it has also confirmed that the M2-powered MacBook Air and iPhone 12 models are affected. What’s unclear is whether the vulnerability is still present in other Apple hardware; given the volume of iPhone, iPad, and Mac sales, it could affect hundreds of millions of users.

Crucially, anyone using this attack must have physical access to your Mac. This means the risk is lower than with purely online attacks, so maintaining good physical security for your hardware will go a long way toward mitigating this attack. The concern is that hackers could use it as one step in a multi-step attack that could do more damage.

Undoubtedly, Apple will be working on a security update to address this issue quickly. When this arrives, you should update right away.
