CVE-2023-54010 - Vulnerability Details

- ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects

Description

In the Linux kernel, the following vulnerability has been resolved:

ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects

ACPICA commit 0d5f467d6a0ba852ea3aad68663cbcbd43300fd4

ACPI_ALLOCATE_ZEROED may fails, object_info might be null and will cause
null pointer dereference later.

Published: 2025-12-24

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< c9fcb2cfcbd4d7018d9f659f5b670f5b727d1968
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< 35d67ffad6f5d78dbd800d354f5334c7b71a19e0
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< c409eb45f5ddae2e3b3faa76cefc87f3cd0d0e88
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< 978e0d05547ae707d51a942fc7e85a34e181ee6f
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< d997c920a5305b37f0b8a40501b5aca10d099ecd
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< fee6133490091492dc66bcf71479bd53bd17a7d2
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< ed2e1e85644ca3d351324e9927a538c8af4df654
`9957510255724c1c746c9a6264c849e9fdd4cd24`	affected	< ae5a0eccc85fc960834dd66e3befc2728284b86c

Linux

affected

Version	Status	Constraints
`4.4`	affected	—
`0`	unaffected	< 4.4
`4.14.316`	unaffected	≤ 4.14.*
`4.19.284`	unaffected	≤ 4.19.*
`5.4.244`	unaffected	≤ 5.4.*
`5.10.181`	unaffected	≤ 5.10.*
`5.15.113`	unaffected	≤ 5.15.*
`6.1.30`	unaffected	≤ 6.1.*
`6.3.4`	unaffected	≤ 6.3.*
`6.4`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00047.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/35d67ffad6f5d78dbd800d354f5334c7b71a19e0
https://git.kernel.org/stable/c/978e0d05547ae707d51a942fc7e85a34e181ee6f
https://git.kernel.org/stable/c/ae5a0eccc85fc960834dd66e3befc2728284b86c
https://git.kernel.org/stable/c/c409eb45f5ddae2e3b3faa76cefc87f3cd0d0e88
https://git.kernel.org/stable/c/c9fcb2cfcbd4d7018d9f659f5b670f5b727d1968
https://git.kernel.org/stable/c/d997c920a5305b37f0b8a40501b5aca10d099ecd
https://git.kernel.org/stable/c/ed2e1e85644ca3d351324e9927a538c8af4df654
https://git.kernel.org/stable/c/fee6133490091492dc66bcf71479bd53bd17a7d2
https://lore.kernel.org/linux-cve-announce/2025122430-CVE-2023-54010-9ff1@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54010
https://www.cve.org/CVERecord?id=CVE-2023-54010

History

Fri, 26 Dec 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025122430-CVE-2023-54010-9ff1@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54010 https://www.cve.org/CVERecord?id=CVE-2023-54010
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 24 Dec 2025 11:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects ACPICA commit 0d5f467d6a0ba852ea3aad68663cbcbd43300fd4 ACPI_ALLOCATE_ZEROED may fails, object_info might be null and will cause null pointer dereference later.
Title		ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/35d67ffad6f5d78dbd800d354f5334c7b71a19e0 https://git.kernel.org/stable/c/978e0d05547ae707d51a942fc7e85a34e181ee6f https://git.kernel.org/stable/c/ae5a0eccc85fc960834dd66e3befc2728284b86c https://git.kernel.org/stable/c/c409eb45f5ddae2e3b3faa76cefc87f3cd0d0e88 https://git.kernel.org/stable/c/c9fcb2cfcbd4d7018d9f659f5b670f5b727d1968 https://git.kernel.org/stable/c/d997c920a5305b37f0b8a40501b5aca10d099ecd https://git.kernel.org/stable/c/ed2e1e85644ca3d351324e9927a538c8af4df654 https://git.kernel.org/stable/c/fee6133490091492dc66bcf71479bd53bd17a7d2

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T10:55:43.386Z

Updated: 2026-05-11T19:53:32.764Z

Reserved: 2025-12-24T10:53:46.178Z

Link: CVE-2023-54010

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-24T11:15:53.970

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-54010

Redhat

Severity : Low

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2023-54010 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object