We have recently found serious security breach in CUDA Linux drivers.
The problem is related to cudaHostAlloc/cuMemHostAlloc API calls. In brief,
driver maps pinned memory to user space but does not initialize it to zero.
As an example, our simplest “proof of concept” program was able to read large
fragments of files being written or read by other users.
More information on this bug is available here: