EPSS
Percentile
38.5%
samba is vulnerable to information disclosure. A local authenticated attacker is able to gain access to confidential information, because GnuTLS gnutls_rnd() may fail and give predictable random values.
GnuTLS gnutls_rnd()
bugzilla.samba.org/show_bug.cgi?id=15103
gitlab.com/samba-team/samba/-/merge_requests/2644
lists.fedoraproject.org/archives/list/[email protected]/message/ZTTOLTHUHOV4SHCHCB5TAA4FQVJAWN4P/
security-tracker.debian.org/tracker/CVE-2022-1615