CVE-2002-2180 — MEDIUM severity vulnerability (The setitimer(2) system call in OpenBSD 2.0 through 3.1 does)
The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error.
| CVE ID | CVE-2002-2180 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 6.8 |
| CVSS vector | AV:L/AC:L/Au:S/C:C/I:C/A:C |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2002-12-31 |
| Last modified | 2026-04-16 |
| Description | The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →