Linux Kernel Nouveau DRM Fencing Context Handling Vulnerability

A vulnerability in the Linux kernel's Nouveau DRM driver has been addressed, concerning the management of fencing contexts. The issue arose because the function 'nouveau_fence_done()' could signal fences, creating a race condition. This led to a scenario where a signaled fence remained in the pending list until removed by 'nouveau_fence_update()'. If 'nouveau_fence_context_kill()' was executed during this period, it could erroneously attempt to set an error code on the already signaled fence. The vulnerability has been fixed by modifying 'nouveau_fence_context_kill()' to check whether a fence has been signaled before proceeding.

Impact

Exploitation of this vulnerability could lead to incorrect handling of fence signaling in the Nouveau DRM driver, potentially causing synchronization issues or other unintended behavior in graphics processing.