University researchers out of University of California Riverside have published a paper this week detailing vulnerabilities in current GPU architectures making them vulnerable to side-channel attacks akin to Spectre and Meltdown.

With their focus on NVIDIA GPUs, UCLA Riverside researchers demonstrated attacks both for graphics and compute by exploiting the GPU's performance counters. Demonstrated attacks included a browser-based attack, extracting passwords / keystroke logging, and even the possibility of exposing a CUDA neural network algorithm.

Proposed mitigations include limiting the granularity of exposed counters or rate limiting those calls.

While demonstrated on NVIDIA GPUs, it's quite possible AMD Radeon hardware is also vulnerable. These attacks would be vulnerable under Linux as well and all major Linux GPU drivers do expose their perf counters to user-space.

More details on the GPU side-channel attack research via the paper.