"New Attack Shows Risks of Browsers Giving Websites Access to GPU"

A team of researchers from Graz University of Technology in Austria and the University of Rennes in France demonstrated a new Graphics Processing Unit (GPU) attack that affects several popular browsers and graphics cards. The study focused on WebGPU, an Application Programming Interface (API) that allows web developers to use the system's GPU to perform high-performance computations in a web browser. Through this API, they demonstrated an attack that works from the web browser using JavaScript. According to the team, they showed one of the first GPU cache side-channel attacks performed from within a browser. They explained how the method can be used for remote attacks by directing the targeted user to a website hosting malicious WebGPU code and getting them to stay on the website for several minutes as the exploit is executed. This article continues to discuss the new GPU attack.

SecurityWeek reports "New Attack Shows Risks of Browsers Giving Websites Access to GPU"

Submitted by grigby1