CVE-2002-2180

2005-11-1621:17:00

mitre

www.cve.org

openbsd

setitimer

kernel memory

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error.

References

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/032_kerntime.patch

www.iss.net/security_center/static/10278.php

www.openbsd.org/plus32.html

www.securityfocus.com/bid/5861