In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref() on a nouveaubo without initializing it (and hence the backing ttmbo) leads to a refcount underflow. Instead of calling nouveauboref() in the unwind path of drmgemobject_init(), clean things up manually. (cherry picked from commit 1b93f3e89d03cfc576636e195466a0d728ad8de5)