A Study of Overflow Vulnerabilities on GPUs

Abstract : GPU-accelerated computing gains rapidly-growing popularity in many areas such as scientific computing, database systems, and cloud environments. However, there are less investigations on the security implications of concurrently running GPU applications. In this paper, we explore security vulnerabilities of CUDA from multiple dimensions. In particular, we first present a study on GPU stack, and reveal that stack overflow of CUDA can affect the execution of other threads by manipulating different memory spaces. Then, we show that the heap of CUDA is organized in a way that allows threads from the same warp or different blocks or even kernels to overwrite each other’s content, which indicates a high risk of corrupting data or steering the execution flow by overwriting function pointers. Furthermore, we verify that integer overflow and function pointer overflow in struct also can be exploited on GPUs. But other attacks against format string and exception handler seems not feasible due to the design choices of CUDA runtime and programming language features. Finally, we propose potential solutions of preventing the presented vulnerabilities for CUDA.
Type de document :
Communication dans un congrès
Guang R. Gao; Depei Qian; Xinbo Gao; Barbara Chapman; Wenguang Chen. 13th IFIP International Conference on Network and Parallel Computing (NPC), Oct 2016, Xi'an, China. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9966, pp.103-115, 2016, Network and Parallel Computing. 〈10.1007/978-3-319-47099-3_9〉
Liste complète des métadonnées

Littérature citée [9 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01648002
Contributeur : Hal Ifip <>
Soumis le : vendredi 24 novembre 2017 - 16:49:06
Dernière modification le : vendredi 24 novembre 2017 - 16:51:00

Fichier

 Accès restreint
Fichier visible le : 2019-01-01

Connectez-vous pour demander l'accès au fichier

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Bang Di, Jianhua Sun, Hao Chen. A Study of Overflow Vulnerabilities on GPUs. Guang R. Gao; Depei Qian; Xinbo Gao; Barbara Chapman; Wenguang Chen. 13th IFIP International Conference on Network and Parallel Computing (NPC), Oct 2016, Xi'an, China. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9966, pp.103-115, 2016, Network and Parallel Computing. 〈10.1007/978-3-319-47099-3_9〉. 〈hal-01648002〉

Partager

Métriques

Consultations de la notice

72