LeftoverLocals, umngcipheko kwi-GPUS evumela ukubiwa kwedatha 

Umngcipheko

Ukuba zixhatshaziwe, ezi ziphene zinokuvumela abahlaseli ukuba bafumane ukufikelela okungagunyaziswanga kulwazi olubuthathaka okanye ngokubanzi babangele iingxaki.

Kutshanje, Umkhondo wabaphandi beBits (ifemu yokhuseleko) yaziwe ngeposti yebhlog Bachonge ingxaki kwi-AMD, Apple, Qualcomm kunye ne-Imagination GPUs, eyenza kube lula ukuba umntu afumane idatha kwimemori yekhadi lemizobo, nokuba yenziwe yiprogram eyahlukileyo.

Ebizwa ngokuba yiLeftoverLocals, Obu buthathaka buchaphazela kwiiyunithi zokusetyenzwa kwemizobo kunye nalapho umhlaseli anokuthi abe isixa esibalulekileyo sedatha.

Malunga LeftoverLocals

Sele ifakwe kwikhathalogu phantsi kwe "CVE-2023-4969" kunye namanqaku "8", bayayenza I-LeftoverLocals, bubuthathaka obuyingozi kakhulu, ukususela ngoku ivumela ukubuyiswa kwedatha kwimemori yendawo yeGPU, eqhubeka emva kokuba enye inkqubo yenziwe kwaye inokuqulatha ulwazi olubuthathaka.

Yintoni eyenza i-LeftoverLocals ibe sesichengeni esiyingozi kukuba ichaphazela izixhobo ezahlukeneyo ezisetyenziswa ngokubanzi, uninzi lwazo lwahlala lungabhalwanga kwaye enokuthi isetyenziswe kwiindawo ezininzi zabasebenzisi, apho abaqhubi babasebenzisi abahlukeneyo baqhuba kwi-GPU enye, kwaye ingasetyenziswa yi-malware ukujonga umsebenzi weenkqubo ezisebenza kwi-GPU, ukuchonga idatha eqhutywe yi-GPU kernel.

LeftoverLocals ivela ngenxa yokungonelanga kokwahlulwa kwememori yendawo ye-GPU kunye ukungakwazi ukucima inkumbulo ethethiweyo emva kokwenziwa kweenkqubo kwiGPU. Oku kuvumela inkqubo ekhohlakeleyo ukuchonga idatha eshiyekileyo kwimemori yasekhaya emva kokuba enye inkqubo iqhube okanye ifunde idatha kwinkqubo esebenzayo ngoku.

Kuxelwe ukuba, Undoqo we-LeftoverLocals ilele kwinkumbulo yendawo kwi-GPU esebenza njenge-cache yokugcina izibalo eziphakathi. kwaye inokwahluka ngobukhulu ukusuka kumashumi eekhilobhayithi ukuya kwiimegabytes ezininzi kwiyunithi nganye yekhompyutha. Uhlaselo lubandakanya ukuqhuba umqhubi (kernel) kwi-GPU ekhuphela amaxesha ngamaxesha imixholo yememori yendawo ekhoyo kwimemori yehlabathi (VRAM). Kuba inkumbulo yendawo ayicinywanga xa utshintshela phakathi kwabaqhubekekisi kwi-GPU kwaye kwabelwana ngayo phakathi kweenkqubo ezahlukeneyo ngaphakathi kweyunithi yekhompyutha ye-GPU efanayo, inokuba nedatha eshiyekileyo evela kwezinye iinkqubo.

Ukuze kuvavanywe ukuba sesichengeni, Trail of Bits abaphandi baye baphuhlisa ezinye iiprototypes zokuxhaphaza kwiiGPU ezahlukeneyo, usebenzisa i-OpenCL, iVulkan kunye neMetal APIs ukufikelela kwiGPU. Nangona ukwenza uhlaselo oluvela kwisikhangeli ngeWebGPU kunzima ngenxa yokuhlolwa komda oguquguqukayo wokongezwa yiWebGPU, abaphandi baye babonisa indlela ubungozi obunokusetyenziswa ngayo ukumisela idatha yokuphuma kwabanye abasebenzisi kunye nokudala amajelo onxibelelwano.

Ukongeza, kukhankanyiwe ukuba inani ledatha ehluziweyo lixhomekeke kwisakhelo esithile se-GPU kunye nobukhulu bememori yendawo. Ngokomzekelo, i-AMD Radeon RX 7900 XT enkulu kakhulu ilahlekelwa malunga ne-5.5 MB okanye malunga ne-181 MB ngombuzo we-LLM, ngokutsho kwabaphandi.

Njengoko ii-GPU zisanda kusetyenziswa ukukhawulezisa i-AI kunye nokusetyenziswa komatshini wokufunda, abaphandi balumkisa ukuba iziphene ezifana neLeftoverLocals zinokuba yinto ekujoliswe kuyo.

Ngokubanzi, ukuqaliswa kokufunda koomatshini kuphakamisa iindawo ezintsha zohlaselo ezingathathelwa ngqalelo imodeli yezoyikiso zemveli kwaye oko kunokukhokelela ekufikeleleni okucacileyo kunye nokucacileyo kwidatha, iiparitha zemodeli okanye iziphumo ezibangelwayo, ukwandisa umgangatho wokuhlaselwa kwenkqubo," ingxelo ithi. abaphandi babhala.

Umkhondo weBits uqaphele ukuba ukulungiswa kuphunyeziwe kobu buthathaka kwezinye izixhobo ze-Apple, kunye nohlaziyo lomqhubi oluvela kwi-AMD kulindeleke ngo-Matshi, inxalenye yayo i-Qualcomm ichaze ukuba ilungise umcimbi we-Adreno a630 GPU kuhlaziyo lwe-firmware 2.07, ngelixa i-Imagination ibonelele ukulungiswa kwi-DDK 23.3 entsha. ngoDisemba.

Kwelinye icala, kukhankanyiwe ukuba i-NVIDIA, Intel kunye ne-ARM GPUs azichaphazeleki. Kumthombo ovulekileyo we-OpenCL abaqhubi be-AMD GPUs, imemori iyacinywa emva kwe-kernel boot nganye, kodwa le ndlela ithathwa njengengasebenzi kakuhle kwezinye iimeko.

Ekugqibeleni ewe unomdla wokwazi ngakumbi ngayo, ungazijonga iinkcukacha kwi ukulandela ikhonkco.


Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa. ezidingekayo ziphawulwe *

*

*

  1. Inoxanduva lwedatha: I-AB Internet Networks 2008 SL
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.