CVE-2002-1420 — HIGH severity vulnerability (Integer signedness error in select() on OpenBSD 3.1 and earl)
Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation.
| CVE ID | CVE-2002-1420 |
|---|---|
| Severity | HIGH |
| CVSS score | 7.2 |
| CVSS vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2003-04-11 |
| Last modified | 2026-04-16 |
| Description | Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →