Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air

by

A security vulnerability that could allow attackers to access sensitive data has been discovered in some Apple silicon GPUs.

a14 bionic chip video
A recent investigation by cybersecurity firm Trail of Bits discovered the security flaw, named "LeftoverLocals," which allows attackers with local access to a device to retrieve data processed in the GPU's local memory. The issue is particularly concerning because of the expanding use of GPUs in processing Large Language Models (LLMs) for AI applications.

According to the firm, the vulnerability enables an attacker to eavesdrop on another user's interactive LLM session, potentially accessing sensitive information. Apple told Wired that newer devices with the A17 Pro and M3 chips have received patches to address this flaw, and Trail of Bits found that the third-generation iPad Air had also received a fix.

Most older models with vulnerable GPUs, including the iPhone 12 and M2 MacBook Air, are still vulnerable. While Apple has taken steps to patch certain devices, it remains unclear if and when all impacted models will receive security updates to directly address the problem.

The nature of the LeftoverLocals vulnerability is such that it requires installation of a malicious app or physical access to the device. As always, Apple encourages users to install the latest available software update to ensure they receive security fixes.

Tags: Apple Security, Apple Silicon Guide

Popular Stories

iPhone 17 Pro Dark Blue and Orange

iPhone 17 Release Date, Pre-Orders, and What to Expect

Thursday August 28, 2025 4:08 am PDT by
An iPhone 17 announcement is a dead cert for September 2025 – Apple has already sent out invites for an "Awe dropping" event on Tuesday, September 9 at the Apple Park campus in Cupertino, California. The timing follows Apple's trend of introducing new iPhone models annually in the fall. At the event, Apple is expected to unveil its new-generation iPhone 17, an all-new ultra-thin iPhone 17...
Read Full Article56 comments
xiaomi apple ad india

Apple and Samsung Push Back Against Xiaomi's Bold India Ads

Friday August 29, 2025 4:54 am PDT by
Apple and Samsung have reportedly issued cease-and-desist notices to Xiaomi in India for an ad campaign that directly compares the rivals' devices to Xiaomi's products. The two companies have threatened the Chinese vendor with legal action, calling the ads "disparaging." Ads have appeared in local print media and on social media that take pot shots at the competitors' premium offerings. One...
Read Full Article205 comments
iPhone 17 Pro Iridescent Feature 2

iPhone 17 Pro Clear Case Leak Reveals Three Key Changes

Sunday August 31, 2025 1:26 pm PDT by
Apple is expected to unveil the iPhone 17 series on Tuesday, September 9, and last-minute rumors about the devices continue to surface. The latest info comes from a leaker known as Majin Bu, who has shared alleged images of Apple's Clear Case for the iPhone 17 Pro and Pro Max, or at least replicas. Image Credit: @MajinBuOfficial The images show three alleged changes compared to Apple's iP...
Read Full Article71 comments
maxresdefault

The MacRumors Show: iPhone 17's 'Awe Dropping' Accessories

Friday August 29, 2025 8:12 am PDT by
Following the announcement of Apple's upcoming "Awe dropping" event, on this week's episode of The MacRumors Show we talk through all of the new accessories rumored to debut alongside the iPhone 17 lineup. Subscribe to The MacRumors Show YouTube channel for more videos We take a closer look at Apple's invite for "Awe dropping;" the design could hint at the iPhone 17's new thermal system with ...
Read Full Article20 comments

Top Rated Comments

GMShadow Avatar
GMShadow
21 months ago

The nature of the LeftoverLocals vulnerability is such that it requires physical access to the device,
This makes it more of an academic vulnerability - the number of people at risk of having their device stolen so someone can run this hack on it is infinitesimal. Patch it if possible, but 99.999% of people shouldn't be worried about this.
Score: 29 Votes (Like | Disagree)
3530025 Avatar
3530025
21 months ago

If someone has your Mac there are 1000 easier ways to get data off it than this.
MacRumors content image
Score: 28 Votes (Like | Disagree)
GMShadow Avatar
GMShadow
21 months ago

Will be interesting to see if Apple will fix the M2 MacBook Air or use this as an opportunity to motivate people to upgrade their M2 MacBook Air to the M3 MacBook Air, by claiming it's not fixable.
If someone has your Mac there are 1000 easier ways to get data off it than this.
Score: 16 Votes (Like | Disagree)
bviktor Avatar
bviktor
21 months ago

One more reason to convince my friend to upgrade from her 12. But should've this happened in the first place,
All devices get new vulnerabilities all the time. That includes new devices. We need a patch, not a new device.
Score: 13 Votes (Like | Disagree)
chrono1081 Avatar
chrono1081
21 months ago

Measurements taken to force people to upgrade. Apple knows that the ship is gonna sink, hence everyone is leaving the company and WSB horses have been implemented into the company to take full control and drive it down the core leaving with all the money.
This isn't remotely true. If you truly think this way I legit feel bad for you. This is a weird security flaw (which happens all the time, security is a game of cat and mouse), nothing more.
Score: 9 Votes (Like | Disagree)
roar08 Avatar
roar08
21 months ago

I see AAPL having a time ticking bomb...
This has been said about AAPL for the past 30+ years. I guess that's one long fuse.
Score: 9 Votes (Like | Disagree)
Read All Comments