Nvidia GPU vulnerability exposes pornographic website browsing history
Chrome's Incognito mode may not protect personal privacy under certain circumstances. Recently, a gamer disclosed a vulnerability in Nvidia GPUs that allows images from pornographic websites viewed in Chrome's Incognito mode to be seen.
Evan Anderson found this bug while a game was loading.
Evan Anderson, a Diablo III player, discovered two years ago that starting a character in Diablo III instantly displayed the pornographic websites he had been browsing in Chrome's Incognito mode. Imagine how you would feel if, as your game started and loaded, the screen showed images from a pornographic website you had browsed in Chrome's Incognito mode a few hours earlier. Evan Anderson has discussed this issue in detail on his blog.
When Evan Anderson loaded Diablo III, the pornographic website he had viewed earlier suddenly "filled" the screen.
After careful research, he found that this is a bug in the Nvidia GPU driver. After the browser is closed and the user switches to the game, the GPU driver does not completely clear the cached image data in video memory, which allows the content of one application to leak into another application. At the same time, Diablo III itself does not erase the previous application's cached image data from GPU display memory while it loads. As a result, the previous application's window contents appear on the Diablo III screen. To reproduce the bug, Evan Anderson wrote a program that scans GPU memory for non-zero pixels. It was able to reproduce a Reddit user account page from another application's screen.
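The mechanism described above, as an added example that is not code from Anderson, Nvidia or Google: a small C model in which a fixed array stands in for video memory, showing that stale pixels reach the next application unless the driver scrubs on free or the application clears its buffer on load. All names (`vram_alloc`, `vram_free`, `residue_seen_by_next_app`) and the pixel values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: one fixed block stands in for the video memory that the
   driver hands to one application after another. All names are hypothetical. */
#define VRAM_PIXELS 64
static uint32_t vram[VRAM_PIXELS];

/* Driver "allocate": returns the block without touching its contents. */
static uint32_t *vram_alloc(void) { return vram; }

/* Driver "free": zeroes the block only if scrubbing is enabled. */
static void vram_free(uint32_t *buf, int scrub) {
    if (scrub) memset(buf, 0, sizeof vram);
}

/* Count pixels that still hold data, the same kind of non-zero scan
   the reproduction program described above performs. */
static size_t count_nonzero(const uint32_t *buf) {
    size_t n = 0;
    for (size_t i = 0; i < VRAM_PIXELS; i++)
        if (buf[i] != 0) n++;
    return n;
}

/* First app renders and exits; second app then inspects its "new" buffer.
   Returns how many of the first app's pixels the second app can still see. */
size_t residue_seen_by_next_app(int driver_scrubs_on_free, int app_clears_on_load) {
    memset(vram, 0, sizeof vram);                     /* clean starting state */
    uint32_t *first = vram_alloc();
    for (size_t i = 0; i < VRAM_PIXELS; i++)
        first[i] = 0xFF000000u | (uint32_t)(i + 1);   /* constructed page pixels */
    vram_free(first, driver_scrubs_on_free);

    uint32_t *second = vram_alloc();
    if (app_clears_on_load) memset(second, 0, sizeof vram);
    return count_nonzero(second);
}

int main(void) {
    printf("no scrub, no clear : %zu stale pixels\n", residue_seen_by_next_app(0, 0));
    printf("driver scrubs      : %zu stale pixels\n", residue_seen_by_next_app(1, 0));
    printf("app clears on load : %zu stale pixels\n", residue_seen_by_next_app(0, 1));
    return 0;
}
```

Either mitigation alone brings the count to zero in this model, which is why the article can attribute the visible result both to the driver and to the game.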
Evan Anderson has previously submitted this issue to Google and Nvidia. For some reason, Google and Nvidia have not fixed this issue, nor have they contacted him. Evan Anderson said that Google may not fix the bug because Incognito mode "protects users from external attacks, but this is the same computer". It was reported that some players said the vulnerability is Google's problem, some said it is Nvidia's problem, and some said that both Google and Nvidia should be responsible for fixing the bug. Several players said they encountered similar problems with Safari on the iPad.
Nvidia has confirmed this problem
Anderson said this problem was "easier" to solve. But in fact it is not that easy: Nvidia's concern is that the underlying Nvidia GPU code base is very large (it is said that "the Nvidia GPU hardware abstraction layer has-million lines of code"), and API code would also need to be added, so the amount of work is considerable.
Regarding Chrome's privacy mode, Google said that once all open Incognito windows are closed, no other traces (such as cookies) are left on the computer. You may be well aware of this, but some people are not.
Recently, Anderson said that he has submitted the problem to Google and Nvidia. Nvidia has confirmed the bug but has not completely fixed it yet.