A security vulnerability named “LeftoverLocals” has been discovered by researchers at Trail of Bits, impacting millions of Apple devices, including iPhones and MacBooks, as well as devices with AMD or Qualcomm chips. The flaw is found in the GPU memory responsible for storing AI data, allowing unauthorized individuals to extract personal information easily.

The vulnerability is particularly concerning as sensitive data is readily accessible within the local memory of the GPU. Apple has promptly addressed the issue, issuing patches for devices with M3 and A17 Bionic chips. However, older iPhone 12 Pro models, iPads, and M2 MacBook Air devices remain exposed.

Also Read: Samsung Introduces Over 40% Accelerated GPU Memory

The security exploit is not limited to Apple devices but affects GPUs from various manufacturers, including Apple, AMD, Qualcomm, and Imagination. Notably, Nvidia, Arm, and Intel are unaffected. The complexity of graphics units and their increased workload has inadvertently expanded access to sensitive data, allowing hackers to access uninitialized local memory with minimal effort, often requiring less than 10 lines of code. The affected memory ranges from 5 MB to 180 MB, posing a significant security challenge.

The exploit has implications beyond Apple devices, potentially allowing attackers to access data left on a user’s device, including Large Language Models (LLMs) used by generative AI services. Companies affected by these critical flaws have acknowledged the issue and committed to taking corrective action. Users are advised to stay vigilant for updates addressing the vulnerability.