What is CVE-2007-0772?

CVE-2007-0772 is a High severity Linux kernel vulnerability with a CVSS score of 7.8 out of 10. CVE-2007-0772 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2007-0772?

CVE-2007-0772 has a CVSS score of 7.8 out of 10, rated High severity. The vector string is AV:N/AC:L/Au:N/C:N/I:N/A:C.

Is there a patch available for CVE-2007-0772?

No patch is currently available for CVE-2007-0772. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2007-0772 actively exploited?

CVE-2007-0772 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2007-0772

High

The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.

Package Linux Kernel

Published 2007-02-20

Last modified 2026-04-23

CVSS version 2.0

Patch available

Awaiting data

CVSS 2.0 score

7.8

out of 10

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

User Interaction

Scope

Confidentiality

Low

Integrity

None

Availability

Vector string

AV:N/AC:L/Au:N/C:N/I:N/A:C

Weakness type

CWE-399

CVE-2007-0772 is classified as CWE-399

See CWE-399 on MITRE CWE for full details on this weakness type.

References

The following references provide additional information about CVE-2007-0772 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Fedoranews
http://fedoranews.org/cms/node/2739
Fedoranews
http://fedoranews.org/cms/node/2740
Kernel.org
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.1

Vendor Advisory
Osvdb
http://osvdb.org/33022
Secunia
http://secunia.com/advisories/24201

Vendor Advisory
Secunia
http://secunia.com/advisories/24215

Vendor Advisory
Secunia
http://secunia.com/advisories/24400

Vendor Advisory
Secunia
http://secunia.com/advisories/24482

Vendor Advisory
Secunia
http://secunia.com/advisories/24547

Vendor Advisory
Secunia
http://secunia.com/advisories/24752

Vendor Advisory
Secunia
http://secunia.com/advisories/24777

Vendor Advisory
Secunia
http://secunia.com/advisories/25691

Vendor Advisory
Mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:060
Mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:078
Novell
http://www.novell.com/linux/security/advisories/2007_18_kernel.html
Novell
http://www.novell.com/linux/security/advisories/2007_21_kernel.html
Securityfocus
http://www.securityfocus.com/archive/1/471457
Securityfocus
http://www.securityfocus.com/bid/22625
Ubuntu Security
http://www.ubuntu.com/usn/usn-451-1
Vupen
http://www.vupen.com/english/advisories/2007/0660

Vendor Advisory
Exchange
https://exchange.xforce.ibmcloud.com/vulnerabilities/32578
Issues
https://issues.rpath.com/browse/RPL-1063

Details

CVE ID CVE-2007-0772

Severity High

CVSS score 7.8 / 10

CVSS version 2.0

Published 2007-02-20

Modified 2026-04-23

KEV No

Patch Awaiting data

Package linux

Frequently asked questions

What is CVE-2007-0772?

CVE-2007-0772 is a High severity Linux kernel vulnerability with a CVSS score of 7.8 out of 10 . CVE-2007-0772 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2007-0772?

CVE-2007-0772 has a CVSS score of 7.8 out of 10, rated High severity (CVSS 2.0). The vector string is AV:N/AC:L/Au:N/C:N/I:N/A:C.
Is there a patch available for CVE-2007-0772?

No patch is currently available for CVE-2007-0772. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
Is CVE-2007-0772 actively exploited?

No — CVE-2007-0772 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.