A recent investigation conducted by the cybersecurity company Trail of Bits led to the discovery of one dangerous vulnerability which puts sensitive user data at risk. Call LeftoversLocalsthe security flaw allows cybercriminals with local access to a device to retrieve the processed data to the GPU’s local memory. And it’s a problem that shouldn’t be underestimated, given that the growing use of GPUs in AI.
Millions of iPhones, iPads and MacBooks are at risk
Among the various devices at risk, there are also several Apple-branded ones. Reached by the editorial team of Wiredthe Cupertino company has confirmed that Products with the A17 Pro and M3 chips have received a patch to address the issue. In fact, Trail of Bits found that even theThird generation iPad Air received a fix for the same reason.
Staying on the Apple ecosystem, the vulnerability still represents a threat to many users. In fact, numerous devices from previous generations would be at risk, such as iPhone 12 and the MacBook Air with M2 chip, still vulnerable today. We now need to understand if Apple will also release a security patch for its other potentially endangered devices.
«An Apple spokesperson confirmed the existence of the vulnerability and said that the company has released fixes for the M3 and A17 processors, released in late 2023», we read in the article Wired. «However, this means that the vulnerability represents a danger to millions of iPhones, iPads and MacBooks in circulation that use previous generation processors».
The exploit, as already mentioned, requires direct access to the device and this means that in itself it is less dangerous than you might think. However, this is not enough to sweep away other fears, because – as he points out Wired – this flaw could be exploited to launch even more significant attacks.