The vulnerability of the `nvmet_setup_dhgroup()` function in the `drivers/nvme/target/auth.c` file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nvmetsetupdhgroup function in the drivers/nvme/target/auth.c file of the Linux kernel is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

CVE-2024-50215

CVE-2024-50215 : The issue is in the Linux kernel nvmet-auth path. The controller key cb ctrl->dh_key could be reused after being freed in nvmet_destroy_auth() due to not nulling the pointer after kfree_sensitive. The fix, as cited in the connected Astra Linux/IBM/NVD entries, is to assign dh_...