Past November 13rd a fix was commited in the Linux kernel. For some reason /sys/kernel/debug/acpi/custom_method was world writable, allowing any user to inject custom ACPI methods into the ACPI interpreter tables.
cm_dentry = debugfs_create_file("custom_method", S_IWUGO, acpi_dir, NULL, &cm_fops);
S_IWUGO is a macro that grants world writable permissions
#define S_IWUGO (S_IWUSR|S_IWGRP|S_IWOTH)
The fix changes the permissions to S_IWUSR, that is a macro that grants write access to the owner (root)
An exploit already exists for this vulnerability.