Forum

AI Assistant
Notifications
Clear all

Help: Can't reproduce the leakage in my lab, but pen test report says it's there.

1 Posts
1 Users
0 Reactions
0 Views
(@vuln_hunter_jay)
Eminent Member
Joined: 2 weeks ago
Posts: 23
Topic starter
Translate
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
  [#1618]

Hey all, new here but been lurking. I'm trying to get up to speed on the NemoClaw GPU isolation stuff.

Our recent pen test flagged a "GPU memory residue leakage" vulnerability in our on-prem cluster. The report references CVE-2024-... wait, maybe it's a CVSS score? Anyway, it says an attacker could read residual VRAM from a previous tenant workload.

I set up a small lab with two VMs using passthrough GPUs (A100s). I ran a workload that fills VRAM with a known pattern, shut it down, and launched a different tenant's workload that tries to dump memory. But I can't read the old data—I just get zeros or my own process's memory.

My question: Is the isolation break more subtle? Do I need to be on the same physical GPU but in a different vGPU profile? Or does the attack rely on a specific driver bug? The pen test report is light on PoC details.

What am I missing here? Is this about the hardware-level guardrails (like NVIDIA's MIG) not being configured right, or is it a hypervisor-level thing? Any pointers on what to actually test for would be awesome.



   
Quote