Skip to main content
SpringerLink
Log in

Buffer overflow vulnerabilities in CUDA: a preliminary analysis

  • Original Paper
  • Published:
Journal of Computer Virology and Hacking Techniques Aims and scope Submit manuscript

Abstract

We present a preliminary study of buffer overflow vulnerabilities in CUDA software running on GPUs. We show how an attacker can overrun a buffer to corrupt sensitive data or steer the execution flow by overwriting function pointers, e.g., manipulating the virtual table of a C++ object. In view of a potential mass market diffusion of GPU accelerated software this may be a major concern.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Amazon: CUDA on AWS. http://aws.amazon.com/articles/7249489223918169

  2. AMD. http://developer.amd.com/tools-and-sdks/opencl-zone/

  3. Anonymous: Once upon a free(). http://phrack.org/issues/57/9.html

  4. Flux Research Group, University of Utah: KGPU. https://code.google.com/p/kgpu/

  5. Khronos Group: OpenCL. http://www.khronos.org/opencl/

  6. Khronos Group: OpenGL. https://www.opengl.org/

  7. Khronos Group: WebGL. https://www.khronos.org/webgl

  8. NVIDIA: CUDA binary utilities. http://docs.nvidia.com/cuda/cuda-binary-utilities/index.html

  9. NVIDIA: CUDA programming guide. http://docs.nvidia.com/cuda/cuda-c-programming-guide/index.html (2014)

  10. NVIDIA: Parallel thread execution ISA. http://docs.nvidia.com/cuda/parallel-thread-execution/ (2014)

  11. One, A.: Smashing the stack for fun and profit. http://phrack.org/issues/49/14.html

  12. Reynaud, D.: GPU powered malware, Ruxcon (2008)

  13. Rix: SMASHING C++ VPTRS. http://phrack.org/issues/56/8.html

  14. Roberto Di Pietro Flavio Lombardi, A.V.: CUDA leaks: information leakage in GPU architectures. arXiv:1305.7383

  15. Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-oriented programming: systems, languages, and applications. ACM Trans. Info. Syst. Secur. 15(1), 2:1–2:34 (2012)

  16. Silberstein, M., Ford, B., Keidar, I., Witchel, E.: GPUfs: integrating a file system with GPUs. SIGARCH Comput. Archit. News 41(1), 485–498 (2013). doi:10.1145/2490301.2451169

    Google Scholar 

  17. Vasiliadis, G., Polychronakis, M., Ioannidis, S.: GPU-assisted malware. In: 2010 5th International Conference on Malicious and Unwanted Software (MALWARE), pp. 1–6 (2010). doi:10.1109/MALWARE.2010.5665801

Download references

Author information

Authors and Affiliations

  1. LACAL, EPFL, Lausanne, Switzerland

    Andrea Miele

Authors
  1. Andrea Miele
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Andrea Miele.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Miele, A. Buffer overflow vulnerabilities in CUDA: a preliminary analysis. J Comput Virol Hack Tech 12, 113–120 (2016). https://doi.org/10.1007/s11416-015-0251-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11416-015-0251-1

Keywords

Search

Navigation