CVE-2023-53708
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53708
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's ACPI implementation for x86 systems during s2idle (a low power idle state). If the system firmware is badly constructed and includes multiple ACPI_TYPE_PACKAGE objects when evaluating the AMD LPS0 _DSM method, it can cause a memory leak. The fix involves explicitly guarding against multiple such objects to prevent the leak.

Impact Analysis

The vulnerability can lead to a memory leak in the Linux kernel when running on affected hardware with faulty firmware. This could degrade system performance or stability over time due to memory exhaustion, potentially causing crashes or other unpredictable behavior.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53708. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart