GPU漏洞允許駭客自記憶體汲取資料，殃及蘋果、AMD與高通-灰度官网

GPU漏洞允許駭客自記憶體汲取資料，殃及蘋果、AMD與高通

Share

2024-01-19

資安業者Trail of Bits公布存在於通用繪圖處理器（GPGPU）的安全漏洞CVE-2023-4969，可用來恢復其它程序於GPU本地端記憶體所建立的資料，波及蘋果、AMD、高通及Imagination的GPU產品

_Trail of Bits

Trail of Bits總計測試了7家GPU供應商的11臺裝置，並在蘋果、AMD與高通的裝置上偵測到LeftoverLocals的存在，並表示記憶體外洩資料的容量取決於GPU的大小，愈大的GPU含有愈多的記憶體即可能外洩更多資料，例如在AMD Radeon RX 7900 XT上可在每個核心中恢復5MB的資料。

而受到LeftoverLocals漏洞波及的裝置涵蓋了蘋果的iPhone 12 Pro（A14）、第三代iPad Air（A12）、採用M2的MacBook Air及採用高通Snapdragon處理器的HTC 1+等。至於Trail of Bits並沒有在Imagination裝置上偵測到LeftoverLocals，是由Google在不同的Imagination裝置上發現的。

Trail of Bits是在去年9月向CERT/CC 提報LeftoverLocals漏洞，並於本周發表。

Popular selection

NFL player calls out NFL fans upset about bets: ‘We’re human too’

Denise Coates’ charity may have saved Bet365 more in tax than it has given to good causes

British gambling levy rates confirmed for each vertical

Online casino in Germany: Schleswig-Holstein issues licences for live casino and table games

GamingTECH CEE Awards 2025: The Online Voting Battle Begins February 12!

SBC Awards Americas 2025: Shortlisted Nominees Announced

ESPN Bet collects $3M handle in New York mobile debut

In a rare video message, Light & Wonder CEO says slot issue was ‘an isolated incident’

HUIDU is Ready at Booth 2250 to Meet You at SiGMA Asia 2025

Crypto in gambling: Market overview 2024

Underreported taxes on bettors’ gambling winnings leaves IRS $1.4 billion short

Italian regulator updates technical rules for gambling systems verification

Indiana online casino bill stalls in House committee

‘A target on their back’: college athletes face wave of abuse amid gambling boom

German gambling regulator wins case against lottery operator

Disclaimer：

Details

About HUIDU Contact Us Disclaimer Terms

Copyright 2022 HUIDU

Please Play Responsibly:

Casino Games Disclosure: Select casinos are licensed by the Malta Gaming Authority. 18+