李强

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 4.11.1 **Description** The issue is related to the `ipxitf ioctl` function in the Linux kernel, which mishandles reference counts. This can be exploited by local users to cause a denial of service (use-after-free) or possibly have other unspecified impacts via a failed `SIOCGIFADDR` ioctl call for an IPX interface. **Recommendations** For Linux kernel versions through 4.11.1, update to a version later than 4.11.1 to resolve the issue. As a temporary workaround, consider restricting access to the `ipxitf ioctl` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 4.11.8 **Description** The issue is related to a memory leak in the `virtio gpu object create` function, which can be exploited by attackers to cause a denial of service due to memory consumption. This can be achieved by triggering object-initialization failures. The estimated number of potentially affected devices is not specified. **Recommendations** For Linux kernel versions through 4.11.8, update to a version later than 4.11.8 to resolve the issue.