CVE-2022-28738: Double free in Regexp compilation
A double-free vulnerability has been discovered in Regexp compilation. This vulnerability has been assigned the CVE identifier CVE-2022-28738. We strongly recommend upgrading Ruby.
Details
Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a “double free” vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object generated from untrusted input. In this case, however, following a comprehensive assessment, we treat this issue as a vulnerability.
Please update Ruby to 3.0.4 or 3.1.2.
Affected versions
- ruby 3.0.3 or prior
- ruby 3.1.1 or prior
Note that ruby 2.6 series and 2.7 series are not affected.
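To check an inventory against the ranges above, the following Ruby script classifies version strings as they appear in `ruby -v` output, a Gemfile.lock "RUBY VERSION" entry, or a .ruby-version file. It is an added example, not part of the original advisory or the Ruby project's code; the helper names and sample strings are constructed, and any series the advisory does not name is reported as `:not_listed` rather than guessed.

```ruby
# Added example: classify Ruby version strings against CVE-2022-28738.
# Ranges are taken from the advisory: the 3.0 series is fixed in 3.0.4,
# the 3.1 series in 3.1.2, and the 2.6 and 2.7 series are not affected.
FIXED_IN = { [3, 0] => [3, 0, 4], [3, 1] => [3, 1, 2] }.freeze
UNAFFECTED_SERIES = [[2, 6], [2, 7]].freeze

# Pull [major, minor, teeny] out of a free-form version string.
# Patchlevel suffixes ("p0") and prefixes ("ruby-") are ignored.
def parse_ruby_version(text)
  m = text.match(/(\d+)\.(\d+)\.(\d+)/)
  m && m.captures.map(&:to_i)
end

# Returns :affected, :fixed, :not_affected, :not_listed or :unparsed.
def cve_2022_28738_status(text)
  version = parse_ruby_version(text)
  return :unparsed unless version

  series = version.first(2)
  return :not_affected if UNAFFECTED_SERIES.include?(series)

  fixed = FIXED_IN[series]
  return :not_listed unless fixed # series the advisory does not mention

  (version <=> fixed).negative? ? :affected : :fixed
end

# Classify each line of an inventory; returns [line, status] pairs.
def audit(lines)
  lines.map { |line| [line.strip, cve_2022_28738_status(line)] }
end

# Constructed sample inventory (not real hosts or lockfiles).
SAMPLES = [
  "ruby 3.0.3p0 [x86_64-linux]", # shape of `ruby -v` output
  "   ruby 3.1.2p0",             # shape of a Gemfile.lock RUBY VERSION entry
  "ruby-3.1.1",                  # shape of a .ruby-version file
  "2.7.5",
  "jruby"
].freeze

if __FILE__ == $PROGRAM_NAME
  rows = audit(SAMPLES + ["running interpreter: ruby #{RUBY_VERSION}"])
  rows.each { |line, status| puts format("%-13s %s", status, line) }
end
```

Any line reported as `:affected` should be moved to 3.0.4 or 3.1.2; `:not_listed` and `:unparsed` entries need a manual look.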
Credits
Thanks to piao for discovering this issue.
History
- Originally published at 2022-04-12 12:00:00 (UTC)
Posted by mame on 12 Apr 2022
https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/