Wendy Cheng

**Name of the Vulnerable Software and Affected Versions** Red Hat Enterprise Linux 3 **Description** The issue is related to the `init dev` function in `tty io.c`, which does not properly clear controlling ttys in multi-threaded applications. This can allow local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure. **Recommendations** For Red Hat Enterprise Linux 3, apply the necessary patches or updates to fix the issue in the `init dev` function in `tty io.c`. As a temporary workaround, consider restricting access to multi-threaded applications that utilize the `init dev` function until a patch is available.