In 2007, 75 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 0 were rated Critical and 16 High severity. Compared to 2006's 83 CVEs, 2007 represented a decrease of 10% year-on-year. March was the most active month, with 10 CVEs published.
Monthly CVE Breakdown — 2007
CVEs published per month with severity breakdown
March (10) was the most active month in 2007. Together the top months account for a significant share of 2007's 75 total CVEs. April (3) had the lowest volume.
Severity Distribution — 2007
Breakdown across 75 CVEs
52% Medium · 21% High · 0% Critical. 1 CVE (1%) is still awaiting NVD scoring.
Monthly Counts — 2007
CVE counts by month and severity
March was the most active month with 10 CVEs — 13% of 2007's total. April (3) had the lowest volume.
| Month | Total | Critical | High | Medium | Low | Share of year |
|---|---|---|---|---|---|---|
| January | 4 | 0 | 2 | 1 | 1 | 5% |
| February | 5 | 0 | 1 | 1 | 3 | 7% |
| March | 10 | 0 | 2 | 8 | 0 | 13% |
| April | 3 | 0 | 1 | 1 | 1 | 4% |
| May | 8 | 0 | 1 | 7 | 0 | 11% |
| June | 5 | 0 | 0 | 3 | 2 | 7% |
| July | 8 | 0 | 1 | 4 | 3 | 11% |
| August | 5 | 0 | 0 | 3 | 2 | 7% |
| September | 10 | 0 | 1 | 5 | 4 | 13% |
| October | 3 | 0 | 0 | 2 | 1 | 4% |
| November | 8 | 0 | 3 | 4 | 0 | 11% |
| December | 6 | 0 | 4 | 0 | 2 | 8% |
| Total | 75 | 0 | 16 | 39 | 19 | |
All CVEs — 2007
75 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2007-5908 | linux | Awaiting NVD | — | 2007-11-09 | Rejected reason: Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources f… |
| CVE-2006-6535 | linux | High | 9.4 | 2007-01-30 | The dev_queue_xmit function in Linux kernel 2.6 can fail before calling the local_bh_disable function, which could lead… |
| CVE-2007-4567 | linux | High | 7.8 | 2007-12-21 | The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-… |
| CVE-2007-5501 | linux | High | 7.8 | 2007-11-15 | The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc thr… |
| CVE-2007-3642 | linux | High | 7.8 | 2007-07-10 | The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x bef… |
| CVE-2007-2764 | linux | High | 7.8 | 2007-05-18 | The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly handle a situation… |
| CVE-2007-1357 | linux | High | 7.8 | 2007-04-11 | The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attacke… |
| CVE-2007-0772 | linux | High | 7.8 | 2007-02-20 | The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) … |
| CVE-2006-7229 | linux | High | 7.5 | 2007-11-15 | The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, whi… |
| CVE-2007-5966 | linux | High | 7.2 | 2007-12-20 | Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local us… |
2007 Linux Kernel CVE Highlights
- Volume without critical severity: Despite high CVE volume, 2007 produced no Critical-rated vulnerabilities. 52% of 2007 CVEs are Medium severity. This means the raw count does not represent a proportional amount of high-severity risk.
- Large backlog awaiting NVD scoring: 1 of 2007's CVEs (1%) is still listed as "Awaiting NVD", meaning no CVSS score has been assigned yet. This is typical for bulk-published CVEs from the Linux kernel CNA: the kernel team publishes CVEs rapidly, and NVD scoring lags by weeks or months.
- Monthly variation: CVE publication in 2007 was uneven across months. March was the most active with 10 CVEs. April (3) had the lowest volume. Monthly spikes typically correspond to coordinated batches of backfilled CVEs being processed at once.