New GPU.side-channel attack discovered: modern graphics cards vulnerable

Researchers from four American universities have developed a new side-channel attack for GPUs, using data compression to reveal sensitive visual information from modern graphics cards while browsing web pages. Their research demonstrates the effectiveness of the "GPU.zip" attack by executing pixel-stealing attacks through the Chrome browser.

Vulnerability reported, but no patch available for users

The researchers communicated the discovery of the vulnerability to the affected video card manufacturers in March 2023, but as of September of the same year none of the GPU vendors (AMD, Apple, Arm, NVIDIA, Qualcomm) nor Google (Chrome) have released fixes to resolve the problem.

The researchers explain how leakage occurs through compression

Typically, data compression creates data-dependent DRAM traffic and cache usage, which can be exploited to reveal secret information. For this reason, the software turns off compression when it needs to handle sensitive data. However, the researchers who developed the GPU.zip attack found that all modern graphics processing units, especially Intel and AMD integrated chips, perform software-visible data compression even when not explicitly requested.

Considerations on the severity of the GPU.zip attack

GPU.zip affects almost all major GPU manufacturers, including AMD, Apple, Arm, Intel, Qualcomm, and NVIDIA, but not all cards are equally affected. The fact that none of the affected vendors have decided to solve the problem by optimizing their data compression approach and limiting their operation to non-sensitive cases further increases the risk. However, immediate user involvement is tempered by the complexity and time required to execute the attack. Additionally, websites that deny loading cross-origin iframes cannot be used to reveal user data through this attack or similar attacks.