GPUzip Side-Channel Attack Exposes Sensitive Data on Modern GPUs: A newly discovered side-channel attack, known as GPU.zip, has raised concerns about the security of modern graphics processing units (GPUs). This attack, which exploits graphical data compression, poses a threat to information confidentiality and online security.
Researchers from multiple universities have shed light on this vulnerability.
Key Takeaways to GPUzip Side-Channel Attack:
- GPU.zip Unveiled: The GPU.zip side-channel attack exploits a widespread optimization feature, graphical data compression, found in virtually all modern GPUs. This vulnerability can lead to the leakage of sensitive information.
- Cross-Origin Pixel Stealing: Attackers can utilize the GPU-based compression channel to conduct cross-origin pixel stealing attacks within web browsers, even bypassing security measures like the same-origin policy (SOP). Google Chrome and Microsoft Edge are particularly vulnerable to this attack.
- Wide GPU Impact: The vulnerability affects GPUs from major manufacturers, including AMD, Apple, Arm, Intel, Nvidia, and Qualcomm. However, websites with robust security mechanisms can mitigate the risk of pixel-stealing attacks.
The GPU.zip Side-Channel Attack
Researchers from leading universities have identified a novel side-channel attack, GPU.zip, that exploits a fundamental optimization feature present in modern GPUs-graphical data compression.
This optimization is integrated into most GPUs and is designed to enhance performance and reduce memory bandwidth usage.
Exploiting Graphical Data Compression
The study revealed that graphical data compression, although intended to be transparent to software, induces data-dependent traffic in dynamic random-access memory (DRAM) and affects cache occupancy.
This data-dependent behavior can be leveraged as a side-channel for attacks.
Cross-Origin Pixel Stealing
One alarming consequence of GPU.zip is its potential for cross-origin pixel-stealing attacks. Attackers can use this vulnerability to infer the values of individual pixels on a web page embedded within an iframe element.
This attack method can bypass critical security boundaries, such as the same-origin policy (SOP), especially in Google Chrome and Microsoft Edge.
Vulnerable Web Browsers
Web browsers like Chrome and Edge are particularly susceptible to GPU.zip attacks. They permit cross-origin iframes to load with cookies, allow rendering of scalable vector graphics (SVG) filters on iframes, and delegate rendering tasks to the GPU.
In contrast, Mozilla Firefox and Apple Safari remain unaffected by this vulnerability.
Proof of Concept and Implications
Researchers have demonstrated a proof-of-concept (PoC) that highlights the risks associated with GPU.zip. In this PoC, an attacker could deceive a user into visiting a malicious website and gain access to information, such as a Wikipedia username.
This underscores the severity of potential data breaches facilitated by this side-channel attack.
Impact on Various GPUs
GPU.zip affects a wide range of GPUs, including those from AMD, Apple, Arm, Intel, Nvidia, and Qualcomm.
However, websites with robust security measures, such as X-Frame-Options and Content Security Policy (CSP) rules, can mitigate the risk of pixel-stealing attacks.
Conclusion
The discovery of the GPU.zip side-channel attack emphasizes the evolving landscape of cybersecurity threats. It underscores the importance of ongoing vigilance in safeguarding sensitive data and the critical need for security updates, especially for users of susceptible web browsers.
Entities across the tech industry must address this vulnerability promptly to enhance online security.
About the Researchers: The research team comprises experts from the University of Texas at Austin, Carnegie Mellon University, University of Washington, and the University of Illinois Urbana-Champaign. Their collaborative efforts have unveiled the GPU.zip side-channel attack, shedding light on its implications for GPU security.
