In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau: fix stale locked mutex in nouveaugemioctl_pushbuf
If VMBIND is enabled on the client the legacy submission ioctl can't be used, however if a client tries to do so regardless it will return an error. In this case the clients mutex remained unlocked leading to a deadlock inside nouveaudrm_postclose or any other nouveau ioctl call.