CERT Recently Published Vulnerability Notes

VU#446598: GPU kernel implementations susceptible to memory leak

General-purpose graphics processing unit (GPGPU) platforms from AMD, Apple, and Qualcomm lack adequate isolation for process memory, allowing local attackers to access memory from other processes. This vulnerability, termed "LeftoverLocals," affects GPGPU platforms that allow memory copying between the CPU and GPU. Attackers with access to GPU capabilities can exploit this vulnerability to access memory expected to be isolated from other users and processes. This issue stems from the use of local memory, a software-managed cache that can store sensitive data. Trail of Bits researchers have demonstrated the vulnerability's presence in various programming interfaces, including Metal, Vulkan, and OpenCL, on multiple operating systems and drivers. While NVIDIA devices were not affected during testing, the vulnerability impacts embedded and datacenter ML implementations. Resolving this vulnerability requires collaboration among hardware manufacturers, software library providers, programmers, and standards bodies. GPU software developers should update their libraries and review their applications for data privacy. GPU users should apply software updates and ensure their devices have the latest security protections provided by their vendors.
kb.cert.org