COMMAND

    MILO

SYSTEMS AFFECTED

    Linux RedHat 5.x (Alpha)

PROBLEM

    Following is based  on KSR[T] Security  Advisory.  Any  local user
    can cause  an Alpha  Linux machine  to reboot,  lock up  or become
    unstable.  During the beta-testing of an instruction set  auditor,
    the KSR[T] team  found several instructions  that caused an  Alpha
    Linux  machine  to  generate  an  'Oops'  or to reboot/hang.  This
    involves  the  call_pal   instruction  with  different   immediate
    arguments.   The PALcode  currently used  in the  MILO that  comes
    with Redhat 5.x and below has two additional debugging PAL  calls,
    DBGSTOP (0xAD) and NPHALT (0xBF).  NPHALT is a non-privileged HALT
    instruction, which brings the machine straight back to the console
    even  from  user  space.    These  calls  were  used  during   the
    development of MILO and were not intended for production use.

SOLUTION

    The copies of MILO distributed at:

        ftp://genie.ucd.ie/pub/alpha/milo/milo-latest

    are not vulnerable to this attack.