Denial of Service and Potential TTY Access Vulnerability in Red Hat Enterprise Linux 3

Denial of Service and Potential TTY Access Vulnerability in Red Hat Enterprise Linux 3

CVE-2005-0403 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.