← CVECheck
HomeVulnerabilities

CVE-2002-1420 — HIGH severity vulnerability (Integer signedness error in select() on OpenBSD 3.1 and earl)

Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation.

CVE IDCVE-2002-1420
SeverityHIGH
CVSS score7.2
CVSS vectorAV:L/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2003-04-11
Last modified2026-04-16
DescriptionInteger signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →