CVE-2002-1490
NetBSD 1.4-1.6 beta - Denial of Service via TIOCSCTTY ioctl Integer Overflow
Title source: llmDescription
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/7566
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5722
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10115.php
Scores
EPSS
0.0006
EPSS Percentile
20.1%
Details
Status
published
Products (9)
netbsd/netbsd
1.4 (5 CPE variants)
netbsd/netbsd
1.4.1 (6 CPE variants)
netbsd/netbsd
1.4.2 (5 CPE variants)
netbsd/netbsd
1.4.3
netbsd/netbsd
1.5 (3 CPE variants)
netbsd/netbsd
1.5.1
netbsd/netbsd
1.5.2
netbsd/netbsd
1.5.3
netbsd/netbsd
1.6 beta
Published
Apr 02, 2003
Tracked Since
Feb 18, 2026