Star 0


Graphics processing units (GPUs) are important components of modern computing devices for not only graphic rendering but also efficient parallel computations. However, their security problems are not much concerned despite of their importance and popularity. In this paper, we first perform an in-depth security analysis on GPUs to detect security vulnerabilities. We detect that contemporary, widely-used GPUs, both NVIDIA's and AMD's, do not initialize newly allocated GPU memory pages which may contain sensitive user data. We propose attack methods that can reveal the GPU memory of a victim program both during its execution and right after its termination by exploiting the vulnerabilities. We show high applicability of the proposed attacks by applying them to the Chromium and Firefox web browsers which utilize GPUs for accelerating webpage rendering. We detect that both browsers leave webpage textures in the GPU memory so that we can infer which webpages a victim user visits by analyzing them. The accuracy of our advanced inference attacks is up to 95.4%.