all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

LeftoverLocals: Listening to LLM Responses Through Leaked GPU Local Memory. (arXiv:2401.16603v1 [cs.CR])

Add to bookmarks
Jan. 31, 2024, 2:10 a.m. | Tyler Sorensen, Heidy Khlaaf

cs.CR updates on arXiv.org arxiv.org

This paper describes LeftoverLocals: a vulnerability that allows data
recovery from GPU memory created by another process on Apple, Qualcomm, and AMD
GPUs. LeftoverLocals impacts the security posture of GPU applications, with
particular significance to LLMs and ML models that run on impacted GPUs. By
recovering local memory, an optimized GPU memory region, we built a PoC where
an attacker can listen into another user's interactive LLM session (e.g.,
llama.cpp) across process or container boundaries.

amd apple applications arxiv data data recovery gpu gpus leaked listening llm llms local memory ml models posture process qualcomm recovery run security security posture vulnerability

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Decentralised, Collaborative, and Privacy-preserving Machine Learning for Multi-Hospital Data 15 hours ago | arxiv.org
accuracy analysis arxiv cs.cr +17
Pruning for Protection: Increasing Jailbreak Resistance in Aligned LLMs Without Fine-Tuning 15 hours ago | arxiv.org
arxiv attacks can cs.ai +13
Relay Mining: Incentivizing Full Non-Validating Nodes Servicing All RPC Types 15 hours ago | arxiv.org
arxiv client crypto cryptographic +19
Laccolith: Hypervisor-Based Adversary Emulation with Anti-Detection 15 hours ago | arxiv.org
advanced advanced persistent threats adversary adversary emulation +18
Commercial Anti-Smishing Tools and Their Comparative Effectiveness Against Modern Threats 15 hours ago | arxiv.org
arxiv attacker attacks commercial +19
PriSampler: Mitigating Property Inference of Diffusion Models 15 hours ago | arxiv.org
arxiv attacks banking cs.cr +12
PrescientFuzz: A more effective exploration approach for grey-box fuzzing 15 hours ago | arxiv.org
arxiv box campaigns control +13
Evaluating and Mitigating Linguistic Discrimination in Large Language Models 15 hours ago | arxiv.org
arxiv can capabilities cs.ai +16
Towards Classical Software Verification using Quantum Computers 15 hours ago | arxiv.org
aid arxiv computer computers +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom
View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands
View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila
View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com
View more jobs