New GPU.Zip Pixel-Stealing Attack Targets GPUs from AMD, Apple, Arm, Intel, Nvidia, and Qualcomm

The vulnerability lets malicious webpages leak pixel data from other sites, breaching the browser's security model.

Researchers have discovered a novel side-channel vulnerability, dubbed GPU.Zip, affecting graphics processing units (GPUs) from major suppliers including AMD, Apple, Arm, Intel, Nvidia, and Qualcomm. This vulnerability exposes visual data processed on the GPU, allowing a malicious webpage to leak pixels from another webpage, thereby violating the browser security model.

The research paper, titled “On the Side-Channel Implications of Hardware-Based Graphical Data Compression,” is set to be presented at the 45th IEEE Symposium on Security and Privacy in May 2024.

Exploiting Graphical Data Compression

GPU.Zip exploits an optimization present in nearly all modern GPUs: graphical data compression. This feature is designed to save memory bandwidth and enhance performance without requiring software involvement. The vulnerability is particularly concerning because the compression is software-transparent and data-dependent. The researchers demonstrated that, through GPU.Zip, sensitive user information such as a Wikipedia username could be compromised when a user logged into Wikipedia visits a malicious webpage.

Vendors and Browsers Response

Upon discovering the vulnerability, the researchers disclosed their findings and proof-of-concept code to GPU vendors and Google in March 2023. As of September 2023, neither the GPU vendors nor Google have committed to releasing patches. Interestingly, the vulnerability primarily affects Google Chrome, as it meets specific criteria that make it susceptible to the pixel-stealing attack demonstrated in the paper. Other browsers like Firefox and Safari do not meet these criteria and are therefore not vulnerable.

User Impact and Mitigation

For most users, the immediate risk is relatively low, as many sensitive websites already prevent being embedded by cross-origin websites. However, some websites remain vulnerable, and users are advised to be cautious. Website developers displaying sensitive user information are encouraged to configure their websites to deny being embedded by cross-origin websites to protect their users. The researchers have provided more information and guidelines on their official website, and the source code of GPU.Zip is available on GitHub.
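One way to audit the embedding mitigation described above, as an added example that is not from the researchers or the original article: it classifies a response by its Content-Security-Policy frame-ancestors directive and X-Frame-Options header, the two standard mechanisms for refusing cross-origin embedding. The header names are not mentioned in the article, and the function names and sample responses are constructed for illustration.

```python
# Added example (not the GPU.Zip authors' code): classify whether a response
# may be framed cross-origin. Function names and SAMPLES are constructed.
STRICTNESS = ["embeddable", "allowlist", "same-origin", "deny"]

def frame_ancestors(csp_values):
    """Return the frame-ancestors source list of every policy that has one."""
    found = []
    for value in csp_values:
        for policy in value.split(","):        # comma-joined values are separate policies
            for directive in policy.split(";"):
                tokens = directive.split()
                if tokens and tokens[0].lower() == "frame-ancestors":
                    found.append([t.lower() for t in tokens[1:]])
                    break                      # a repeated directive in one policy is ignored
    return found

def rank(sources):
    if not sources or sources == ["'none'"]:
        return "deny"
    if all(s == "'self'" for s in sources):
        return "same-origin"
    if any(s in ("*", "http:", "https:") for s in sources):
        return "embeddable"                    # any origin (of that scheme) may embed
    return "allowlist"

def classify(headers):
    """headers: list of (name, value) pairs from one HTTP response."""
    lists = frame_ancestors(v for n, v in headers if n.lower() == "content-security-policy")
    if lists:
        # Every policy must allow the embedder, so report the strictest one (an
        # approximation). Browsers ignore X-Frame-Options when this directive is enforced.
        return max((rank(s) for s in lists), key=STRICTNESS.index)
    xfo = {t.strip().lower() for n, v in headers
           if n.lower() == "x-frame-options" for t in v.split(",")}
    if "deny" in xfo:
        return "deny"
    if xfo == {"sameorigin"}:
        return "same-origin"
    return "embeddable"                        # missing, obsolete ALLOW-FROM, or unrecognised

SAMPLES = {  # constructed responses
    "no-headers": [("Content-Type", "text/html")],
    "csp-self": [("Content-Security-Policy", "default-src 'self'; frame-ancestors 'self'")],
    "csp-overrides-xfo": [("X-Frame-Options", "DENY"),
                          ("Content-Security-Policy", "frame-ancestors https://partner.example")],
    "allow-from": [("X-Frame-Options", "ALLOW-FROM https://partner.example")],
}
if __name__ == "__main__":
    print({name: classify(h) for name, h in SAMPLES.items()})
```

Pages that display sensitive user information and come back as "embeddable" are the ones the advice above applies to.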

“Likely, yes. We tested integrated GPUs from AMD, Apple, Arm, Intel, and Qualcomm and one discrete GPU from Nvidia. We have at least preliminary results to show that all tested GPUs are affected,” the researchers stated regarding the widespread impact of the vulnerability. They further explained that “GPU graphical data compression is a feature of modern GPUs used to save memory bandwidth and improve performance without any software involvement.”