[原文]init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure.
The kernel in Red Hat Enterprise Linux contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user could take control of a pointer to a freed tty structure, which causes the kernel to crash resulting in a loss of availability.
Upgrade to 2.4.21-27.0.4.EL kernel version or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
The individual or individuals responsible for the discovery of this issue are currently unknown; The vendor disclosed this issue.
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 3
Red Hat Enterprise Linux AS 3
A local information disclosure and denial of service vulnerability affects RedHat Enterprise Linux. This issue is due to a design error caused by a flawed back port of the Native POSIX Threading Library (NPTL).
An attacker may leverage this issue to gain read and write access to other users' terminal TTY sessions as well as crash the affected computer. This issue may facilitate disclosure of information, command execution with escalated privileges, and denial of service attacks.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.
Red Hat released advisory RHSA-2005:293-16 and fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisories for additional information.