CVE-2023-53708 — Linux vulnerability

6 documents5 sources

Severity

4.0MEDIUM

No vector

EPSS

0.0%

top 92.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will be a memory leak. Explicitly guard against this.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.11.0 — 5.15.133+2

▶Debianlinux/linux_kernel< 6.1.55-1+2

▶CVEListV5linux/linux146f1ed852a87b802ed6e71c31e189c64871383c — 7b7964cd9db30bc84808a40d13a0633b4313f149+4

▶debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

OSV

ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects↗2025-10-22

▶

GHSA

GHSA-2f48-8mh4-9hm3: In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly construct↗2025-10-22

▶

OSV

CVE-2023-53708: In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed↗2025-10-22

▶

📋Vendor Advisories

Red Hat

kernel: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects↗2025-10-22

▶

Debian

CVE-2023-53708: linux - In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: ...↗2023

▶