CVE-2023-53708

low

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this.

References

https://git.kernel.org/stable/c/9e8bbde9293151430884aed882a88eaa22298f72

https://git.kernel.org/stable/c/883cf0d4cf288313b71146ddebdf5d647b76c78b

https://git.kernel.org/stable/c/7b7964cd9db30bc84808a40d13a0633b4313f149

https://git.kernel.org/stable/c/1ea7e47807279369c82718efd2677ea25c6579e3

Details

Source: Mitre, NVD

Published: 2025-10-22

Updated: 2025-10-22

Risk Information

CVSS v2

Base Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Severity: Low

EPSS

EPSS: 0.00018