LeftoverLocals: Listening to LLM Responses Through Leaked GPU Local Memory
CoRR(2024)
摘要
This paper describes LeftoverLocals: a vulnerability that allows data
recovery from GPU memory created by another process on Apple, Qualcomm, and AMD
GPUs. LeftoverLocals impacts the security posture of GPU applications, with
particular significance to LLMs and ML models that run on impacted GPUs. By
recovering local memory, an optimized GPU memory region, we built a PoC where
an attacker can listen into another user's interactive LLM session (e.g.,
llama.cpp) across process or container boundaries.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要