A fix for this problem has just been committed to the RHEL3 U6 patch pool this evening (in kernel version 2.4.21-32.7.EL).
Ernie has requested that this be made public and not have an embargo; therefore I'm contacting vendor-sec and kernel to let them know about the issue as SUSE and others are about to do x86_64 updates for a number of other flaws.
Created attachment 115253 [details] Proposed patch
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-663.html