Tracked as CVE-2023-4969, the vulnerability allows attackers to recover data from GPU local memory.
LeftoverLocals can leak significant amounts of data, ranging from 5 MB to 180 MB.
The researchers believe that this is “enough information to reconstruct the LLM response with high precision.”
The iPhone 15, however, is seemingly free from the vulnerability.
As for Qualcomm, the company rolled out a patch to firmware v2.07, addressing LeftoverLocals for some devices.
It is, however, likely that other devices powered by the company’s chips are still impacted.
Imagination also released a fix for LeftoverLocals in its latest DDK release, 23.3, in December 2023.
