CVE-2002-2180

Published: Nov 16, 2005

Modified: Sep 16, 2024

PUBLISHED

Description

The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20021002 Incorrect argument checking in the setitimer(2) system call may allow an attacker to write to kernel memory.

vendor-advisory

x_refsource_OPENBSD

openbsd-setitimer-memory-overwrite(10278)

vdb-entry

x_refsource_XF

5861

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-2180

Description

Affected Products

References