Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

New Side-Channel Attacks Target Graphics Processing Units

A trio of new attacks bypass CPUs to wring data from vulnerable GPUs.

A new brand of side-channel vulnerabilities has been disclosed and this time it's not the CPU that's under attack: it's the GPU.

New exploits published by computer scientists at the University of California, Riverside, leave both individual users and high-performance computing systems at potential risk. The three sets of exploits pull sensitive data out of a graphics processing unit core, and do so with relative ease, compared to some of the side-channel attacks that have been demonstrated on CPUs.

Two of the attacks target individual users, pulling information on website history and passwords. The third could open the door to an organization's machine-learning or neural network applications, exposing details about their computational model to competitors.

The researchers' paper, Rendered Insecure: GPU Side Channel Attacks are Practical, was presented at the ACM SIGSAC conference, and the vulnerabilities have been disclosed to Nvidia, Intel, and AMD.

The first two attacks take advantage of the cores in a GPU communicating in parallel to complete a workload. Knowing about that communication means that, "…if we coordinate it right then we achieve really high bandwidth so that we can block out noise," says Nael Abu-Ghazaleh, professor of computer science and engineering, and of electrical and computer engineering at the university.

The basic attack technique works like this: "There is a victim process and then there's somebody else was spying on it through leakage in the caches or other shared resources," he says. The fact that all the cores share certain resources means that the attacker doesn't have to figure out which core is running a particular thread, greatly simplifying the attack.

An attack on the API dealing with memory allocation for the GPU cores allows an attacker to ultimately figure out which websites have been visited in a process Abu-Ghazaleh describes as website "fingerprinting." If the point of attack is memory allocation based on keystrokes entered by the user, then "with well-known attacks on timing you can actually figure out with high certainty what are the candidate passwords and quickly get to the point where you can crack the password," he says.

Vulnerable Intelligence

The vulnerability that affects machine learning applications depends on understanding certain counters that are actually designed to make programming a GPU easier.

"Things can go really wrong when you're writing GPU code because it's very sensitive to memory access patterns and so on," Abu-Ghazaleh says. "The counters are provided to give this insight, and they're accessible from user mode," he explains. If a spy process can watch these counters, it can gain incredible insight into the processes that are running.

In the attack, workloads are sent to the GPU concurrently with the victim workload in order to cause stress and the resulting update of the counters. Within the GPU, there can be more than 200 of these counters keeping track of various performance aspects, so the picture of what is happening can become quite clear.

Abu-Ghazaleh says that the ultimate danger of these attacks would be in a shared GPU-compute configuration, such as in a cloud-based machine learning environment. 

Turning off user mode access to the counters can defend against the third attack but would also break many existing applications that depend on the functionality. Nvidia has not yet released patches for the vulnerability, but Abu-Ghazaleh says that he understands patches to be in the works.

As of presstime, Nvidia had not responded to Dark Reading for comment.

Related Content:

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3243
PUBLISHED: 2021-04-15
Wfilter ICF 5.0.117 contains a cross-site scripting (XSS) vulnerability. An attacker in the same LAN can craft a packet with a malicious User-Agent header to inject a payload in its logs, where an attacker can take over the system by through its plugin-running function.
CVE-2021-29448
PUBLISHED: 2021-04-15
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin portal, which can be exploited by the malicious actor with the network access to DNS server. See the referenced GitHub security advisory for patch details.
CVE-2021-30138
PUBLISHED: 2021-04-15
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2021-27112
PUBLISHED: 2021-04-15
LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images.
CVE-2021-20288
PUBLISHED: 2021-04-15
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associa...