CVE-2005-0403

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux 3

Description The issue is related to the init dev function in tty io.c, which does not properly clear controlling ttys in multi-threaded applications. This can allow local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure.

Recommendations For Red Hat Enterprise Linux 3, apply the necessary patches or updates to fix the issue in the init dev function in tty io.c. As a temporary workaround, consider restricting access to multi-threaded applications that utilize the init dev function until a patch is available.