New GPU Side Channel Vulnerability Impacts GPUs from Intel, AMD, Apple & Nvidia

A new research paper has been published that mentions a side-channel attack that threat actors can exploit to leak sensitive visual data from modern GPU cards when visiting a malicious website.

This method was published under the name “” by four American universities: the University of Texas at Austin, Carnegie Mellon University, the University of Washington, and the University of Illinois. The attack simulation was based on a cross-origin SVG filter pixel-stealing attack via Chrome browser for research purposes.


Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

GPU Side-Channel Vulnerability

The lead author Yingchen Wang mentions in his research paper that this attack was due to the undocumented ways of compression used by vendors like Intel and AMD. These vendor-specific compressions took place even when the software program did not specifically request compression.

“Compression induces data-dependent DRAM traffic and cache utilization, which can be measured through side-channel analysis. Unfortunately, besides its well-recognized performance benefits, compression is also a known source of side-channel data leakages. ” reads the research paper. 

Intel and AMD do this type of risky compression in their modern GPUs as part of an optimization strategy to save on memory bandwidth and increase their performance without the use of additional software. 

Test results for selected GPUs
Test results for selected GPUs (Source: Hertzbleed)

The research paper also stated, “An attacker can leak secrets in HTTP/HTTPS requests and responses bit-by-bit by exploiting how compressibility is often secret-dependent.” This means that the attack can steal sensitive visual data by reading pixel-by-pixel.

Moreover, the attack demonstration was conducted on the Wikipedia site for stealing the username using an iframe. The results for the Ryzen side-channel attack were within 30 minutes, and for Intel GPUs, it was 215 minutes. Though the attacks took more time, making most threat actors lose their patience, the accuracies were 97% and 98.3%, respectively.

(Source: Hertzbleed)

For detailed information about the case study, attack scenarios, discussion, and other information, following the research paper published by Hertzbleed is recommended.

According to Intel, they have not been able to review the researcher’s complete paper. However, they have examined the findings that were shared with them and concluded that the issue does not lie within their GPUs but rather in software from a third party.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Eswar is a Cyber security reporter with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is reporting data breach, Privacy and APT Threats.