CVE-2023-53708
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-05-07
AI Q&A
2025-10-22
EPSS Evaluated
2026-05-05
NVD
CVE-2023-53708
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's ACPI implementation for x86 systems during s2idle (a low power idle state). If the system firmware is badly constructed and includes multiple ACPI_TYPE_PACKAGE objects when evaluating the AMD LPS0 _DSM method, it can cause a memory leak. The fix involves explicitly guarding against multiple such objects to prevent the leak.


How can this vulnerability impact me? :

The vulnerability can lead to a memory leak in the Linux kernel when running on affected hardware with faulty firmware. This could degrade system performance or stability over time due to memory exhaustion, potentially causing crashes or other unpredictable behavior.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart