by The Apple iPhone 12 and M2 MacBook Air have a GPU vulnerability that may let hackers access user data.It have discovered that the Apple iPhone 12 and M2 MacBook Air have a GPU vulnerability.If taken advantage of, might provide hackers access to the device’s data. The flaw found by security researchers at Trail Bits, who have also demonstrated.An exploit that could allow an attacker to gain access to data that have processed within the device’s chip.There are revealing details such as the results of tasks like ChatGPT queries.
What is the security flaw in the Apple GPU?
A flaw found in several graphic processing units (GPUs) manufactured by Apple, Qualcomm, AMD, and Imagination by security researchers at Trail of Bits. The defect dubbed LeftoverLocals.The name comes from the exploit they demonstrated, which allow an attacker with local access to the device to read data in the GPU that left over from previous processing. They were able to interpret an AI chatbot’s response with accuracy thanks to the proof of concept.
The discovered vulnerability, known as LeftoverLocals, discovered in graphics processing units (GPUs) produced by Imagination, Qualcomm, AMD, and Apple. The nomenclature explained by a successful exploit that researchers have demonstrated allows an attacker with local access to the device to retrieve residual data in the GPU from prior processing.
It said that researchers have already discussed the problem with Apple, Qualcomm, and the other manufacturers. Additionally, the business is reportedly developing a patch to address the problem, according to a 9To5Mac report. There were reportedly other Apple devices run on A17 and M3 chip that were impacted by the vulnerability. In addition to the iPhone 12 and M2 MacBook Air, but those devices received a security update and the problem totally fixed. The M2 MacBook Air and iPhone 12 have not yet received a patch, though. Additionally, Apple verified to Wired that the two gadgets remain susceptible.
To what extent is this a serious matter?
Given that highly motivated attackers frequently carry out hacks by chaining together multiple vulnerabilities, the potential implications are significant even though exploiting the vulnerability would require some degree of existing access to the targets’ devices. Moreover, many prevalent forms of digital attacks already require gaining “initial access” to a device.
“On January 10, we retested the vulnerability and found that some devices—like the Apple iPad Air 3rd G (A12)—had received a patch. Still, it looks like the problem exists with the Apple MacBook Air (M2). Moreover, it doesn’t seem to affect the newly released Apple iPhone 15, unlike earlier iterations. The researchers stated, “Apple acknowledged that the A17 and M3 series CPUs have fixes.But we have not informed of the precise patches applied across their devices.”Interestingly, the exploit that being demonstrated needs some sort of pre-existing access to the machine, which putit in the low-risk category.
