Also, as mentioned in bug 159671, we still don't have an exploit to verify the fix. Although I agree that this is a pretty clear fix, with low risk of side effects.
Public now as of 20050621:10, removing security sensitive tag
A fix for this problem has just been committed to the RHEL3 U6 patch pool this evening (in kernel version 2.4.21-32.10.EL).
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-663.html