Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CloudBorne and CloudJacking Attacks to LLM-05 Supply Chain - CVE-2023-4969 #264

Open
2 tasks
GangGreenTemperTatum opened this issue Jan 18, 2024 · 0 comments
Open
2 tasks

Add CloudBorne and CloudJacking Attacks to LLM-05 Supply Chain - CVE-2023-4969 #264

GangGreenTemperTatum opened this issue Jan 18, 2024 · 0 comments
Assignees
@virtualsteve-star
Labels
enhancement Changes/additions to the Top 10; eg. clarifications, examples, links to external resources, etc llm-05 Relates to LLM Top-10 entry #5

Comments

@GangGreenTemperTatum
Copy link
Collaborator

Remember, an issue is not the place to ask questions. You can use our Slack channel for that, or you may want to start a discussion on the Discussion Board.

When reporting an issue, please be sure to include the following:

  • [X ] Before you open an issue, please check if a similar issue already exists or has been closed before.
  • [X ] A descriptive title and apply the specific LLM-0-10 label relative to the entry. See our available labels.
  • [X ] A description of the problem you're trying to solve, including why you think this is a problem
  • [X ] If the enhancement changes current behavior, reasons why your solution is better
  • What artifact and version of the project you're referencing, and the location (I.E OWASP site, llmtop10.com, repo)
  • The behavior you expect to see, and the actual behavior

Steps to Reproduce

NA

What happens?

NA

What were you expecting to happen?

Within the current LLM entry, I think supply-chain needs to cover cloudborne and cloudjacking attacks, IE GPU and cloud providers in further detail which the entry currently does not cover and is applicable to all companies and AI developers who depend on cloud resources.
I added an article of interest below which I feel would back up this entry' resources section.

Any logs, error output, etc?

NA

Any other comments?

LeftoverLocals: Listening to LLM responses through leaked GPU local memory

  • [NA] Slack post link (if relevant)

What versions of hardware and software are you using?

NA
@GangGreenTemperTatum GangGreenTemperTatum added enhancement Changes/additions to the Top 10; eg. clarifications, examples, links to external resources, etc llm-05 Relates to LLM Top-10 entry #5 labels Jan 18, 2024
@GangGreenTemperTatum GangGreenTemperTatum changed the title Add CloudBorne and CloudJacking Attacks to LLM-05 Supply Chain Add CloudBorne and CloudJacking Attacks to LLM-05 Supply Chain - CVE-2023-4969 Jan 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@virtualsteve-star virtualsteve-star

Labels
enhancement Changes/additions to the Top 10; eg. clarifications, examples, links to external resources, etc llm-05 Relates to LLM Top-10 entry #5
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@virtualsteve-star @GangGreenTemperTatum