CVE-2002-1420

Name of the Vulnerable Software and Affected Versions OpenBSD versions 3.1 and earlier

Description The issue is caused by an integer signedness error in the select() function, which allows local users to overwrite arbitrary kernel memory. This occurs when a negative value is provided for the size parameter, satisfying the boundary check as a signed integer but later being used as an unsigned integer during a data copying operation.

Recommendations For OpenBSD versions 3.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.