Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air

by

A security vulnerability that could allow attackers to access sensitive data has been discovered in some Apple silicon GPUs.

a14 bionic chip video
A recent investigation by cybersecurity firm Trail of Bits discovered the security flaw, named "LeftoverLocals," which allows attackers with local access to a device to retrieve data processed in the GPU's local memory. The issue is particularly concerning because of the expanding use of GPUs in processing Large Language Models (LLMs) for AI applications.

According to the firm, the vulnerability enables an attacker to eavesdrop on another user's interactive LLM session, potentially accessing sensitive information. Apple told Wired that newer devices with the A17 Pro and M3 chips have received patches to address this flaw, and Trail of Bits found that the third-generation iPad Air had also received a fix.

Most older models with vulnerable GPUs, including the iPhone 12 and M2 MacBook Air, are still vulnerable. While Apple has taken steps to patch certain devices, it remains unclear if and when all impacted models will receive security updates to directly address the problem.

The nature of the LeftoverLocals vulnerability is such that it requires installation of a malicious app or physical access to the device. As always, Apple encourages users to install the latest available software update to ensure they receive security fixes.

Tags: Apple Security, Apple Silicon Guide

Popular Stories

2024 iPhone Boxes Feature

Apple Adjusts Trade-In Values for iPhones, iPads, Macs, and More

Thursday November 6, 2025 11:12 am PST by
Apple today updated its trade-in values for select iPhone, iPad, Mac, and Apple Watch models. Trade-ins can be completed on Apple's website, or at an Apple Store. The charts below provide an overview of Apple's current and previous trade-in values in the U.S., according to its website. Maximum values for most devices either decreased or saw no change, but the iPad Air received a slight bump. ...
Read Full Article67 comments
Finder Siri Feature

Apple's New Siri Will Be Powered By Google Gemini

Wednesday November 5, 2025 11:57 am PST by
The smarter, more capable version of Siri that Apple is developing will be powered by Google Gemini, reports Bloomberg. Apple will pay Google approximately $1 billion per year for a 1.2 trillion parameter artificial intelligence model that was developed by Google. For context, parameters are a measure of how a model understands and responds to queries. More parameters generally means more...
Read Full Article367 comments
Liquid Glass General Feature

Apple Shares Liquid Glass Design Gallery

Thursday November 6, 2025 2:45 pm PST by
Apple is promoting the new Liquid Glass design in iOS 26, showing off the ways that third-party developers are embracing the aesthetic in their apps. On its developer website, Apple is featuring a visual gallery that demonstrates how "teams of all sizes" are creating Liquid Glass experiences. The gallery features examples of Liquid Glass in apps for iPhone, iPad, Apple Watch, and Mac. Apple...
Read Full Article106 comments
iOS 26

iOS 26.1 Available Now With These 8 New Features

Monday November 3, 2025 5:54 am PST by
Following more than a month of beta testing, Apple released iOS 26.1 on Monday, November 3. The update includes a handful of new features and changes, including the ability to adjust the look of Liquid Glass and more. Below, we outline iOS 26.1's key new features. Liquid Glass Toggle iOS 26.1 lets you choose your preferred look for Liquid Glass. In the Settings app, under Display...
Read Full Article
airtag purple

Apple's Website Lists AirTag 4-Pack at Shockingly Low Price [Updated]

Friday November 7, 2025 6:40 am PST by
Apple's online store in the U.S. is suddenly offering a pack of four AirTags for just $29, which is the same price as a single AirTag. This is likely a pricing error, and it is unclear if orders will be fulfilled. Apple has not discounted the AirTag four-pack in any other countries that we checked. Delivery estimates are already pushing into late November to early December, suggesting...
Read Full Article91 comments
apple watch se 3 always on

Apple to Remove iPhone-Apple Watch Wi-Fi Sync in EU With iOS 26.2

Thursday November 6, 2025 4:37 am PST by
Apple in iOS 26.2 will disable automatic Wi-Fi network syncing between iPhone and Apple Watch in the European Union to comply with the bloc's regulations, suggests a new report. Normally, when an iPhone connects to a new Wi-Fi network, it automatically shares the network credentials with the paired Apple Watch. This allows the watch to connect to the same network independently – for...
Read Full Article208 comments
ikea smart home devices

IKEA Debuts 21 HomeKit-Compatible Smart Bulbs, Sensors, and Controls

Thursday November 6, 2025 4:08 pm PST by
IKEA today announced the upcoming launch of 21 new Matter-compatible smart home products that will be able to interface with HomeKit and the Apple Home app. There are sensors, lights, and control options, all of which will be reasonably priced. Some of the products are new, while some are updates to existing lines that IKEA previously offered. There are a series of new smart bulbs that are...
Read Full Article73 comments
Home Hub Command Center with Dome Base Feature

Apple's 2026 Smart Home Revamp: All the Rumors

Wednesday November 5, 2025 3:54 pm PST by
It's been over a decade since Apple's HomeKit smart home platform launched, and it is overdue for an update. HomeKit and the Home app can no longer keep up with AI-powered solutions from other companies like Google and Amazon, but that's set to change with a smart home revamp that Apple has planned for 2026. Home Hub Apple is working on a home hub or "command center" that will serve as a...
Read Full Article56 comments

Top Rated Comments

GMShadow Avatar
GMShadow
24 months ago

The nature of the LeftoverLocals vulnerability is such that it requires physical access to the device,
This makes it more of an academic vulnerability - the number of people at risk of having their device stolen so someone can run this hack on it is infinitesimal. Patch it if possible, but 99.999% of people shouldn't be worried about this.
Score: 29 Votes (Like | Disagree)
3530025 Avatar
3530025
24 months ago

If someone has your Mac there are 1000 easier ways to get data off it than this.
Score: 28 Votes (Like | Disagree)
GMShadow Avatar
GMShadow
24 months ago

Will be interesting to see if Apple will fix the M2 MacBook Air or use this as an opportunity to motivate people to upgrade their M2 MacBook Air to the M3 MacBook Air, by claiming it's not fixable.
If someone has your Mac there are 1000 easier ways to get data off it than this.
Score: 16 Votes (Like | Disagree)
bviktor Avatar
bviktor
24 months ago

One more reason to convince my friend to upgrade from her 12. But should've this happened in the first place,
All devices get new vulnerabilities all the time. That includes new devices. We need a patch, not a new device.
Score: 13 Votes (Like | Disagree)
chrono1081 Avatar
chrono1081
24 months ago

Measurements taken to force people to upgrade. Apple knows that the ship is gonna sink, hence everyone is leaving the company and WSB horses have been implemented into the company to take full control and drive it down the core leaving with all the money.
This isn't remotely true. If you truly think this way I legit feel bad for you. This is a weird security flaw (which happens all the time, security is a game of cat and mouse), nothing more.
Score: 9 Votes (Like | Disagree)
roar08 Avatar
roar08
24 months ago

I see AAPL having a time ticking bomb...
This has been said about AAPL for the past 30+ years. I guess that's one long fuse.
Score: 9 Votes (Like | Disagree)
Read All Comments