diff --git a/libc/timerfd.cc b/libc/timerfd.cc
index dc6670e70c1edc2371b2310c64adb3e2756fe380..46d9d65d24d26a0ba0b6510d45a9605b2ad251d7 100644
--- a/libc/timerfd.cc
+++ b/libc/timerfd.cc
@@ -253,6 +253,11 @@ int timerfd_create(int clockid, int flags) {
 static constexpr s64 second = 1000000000;
+static bool check_nsec_validity(long nsec)
+{
+ return (nsec >= 0 && nsec < second);
+}
+
 int timerfd_settime(int fd, int flags, const itimerspec *newval,
 itimerspec *oldval)
 {
@@ -266,6 +271,11 @@ int timerfd_settime(int fd, int flags, const itimerspec *newval,
 errno = EINVAL;
 return -1;
 }
+ if (!check_nsec_validity(newval->it_value.tv_nsec) ||
+ !check_nsec_validity(newval->it_interval.tv_nsec)) {
+ errno = EINVAL;
+ return -1;
+ }
 s64 expiration, interval;
 auto now = tf->time_now();
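Review bot: The guard added in timerfd_settime checks only the two tv_nsec fields, so a caller-supplied newval with a negative it_value.tv_sec or it_interval.tv_sec still passes and reaches the expiration arithmetic that starts at `s64 expiration, interval;`. The helper in the first hunk could validate the whole timespec instead, e.g. `static bool check_timespec_validity(const timespec &ts) { return ts.tv_sec >= 0 && ts.tv_nsec >= 0 && ts.tv_nsec < second; }`, with the call site passing `newval->it_value` and `newval->it_interval`. The rest of timerfd_settime is outside the hunk; if it converts to nanoseconds by multiplying tv_sec by `second`, an upper bound on tv_sec is also needed to keep that s64 multiplication from overflowing. Whichever helper is kept, a one-line comment stating the accepted range (`/* valid when 0 <= tv_nsec < 1e9 */`) would make the EINVAL contract explicit.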