CVE-2022-28738: Double free in Regexp compilation



  • A double-free vulnerability has been discovered in Regexp compilation. This vulnerability has been assigned the CVE identifier CVE-2022-28738. We strongly recommend upgrading Ruby.

    Details

    Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a “double free” vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object generated from untrusted input. In this case, however, following a comprehensive assessment, we treat this issue as a vulnerability.

    Please update Ruby to 3.0.4 or 3.1.2.

    Affected versions

    • ruby 3.0.3 or prior
    • ruby 3.1.1 or prior

    Note that ruby 2.6 series and 2.7 series are not affected.

    Credits

    Thanks to piao for discovering this issue.

    History

    • Originally published at 2022-04-12 12:00:00 (UTC)

    Posted by mame on 12 Apr 2022



    https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/
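
An added example, not part of the advisory or of the Ruby project's code: a Ruby helper that classifies version strings from a host inventory against the affected and fixed versions stated above. The function names, status symbols and sample inventory are constructed for illustration; series the advisory does not mention are reported as `:not_listed` rather than guessed.

```ruby
require "rubygems" # Gem::Version (loaded by default; required for clarity)

# From the advisory text: series => first fixed release in that series.
FIXED_IN = {
  "3.0" => Gem::Version.new("3.0.4"),
  "3.1" => Gem::Version.new("3.1.2"),
}.freeze

# Series the advisory explicitly states are not affected.
UNAFFECTED_SERIES = %w[2.6 2.7].freeze

# Returns :affected, :fixed, :not_affected, :not_listed or :invalid.
# Accepts a bare version ("3.0.3") or a `ruby -v` style line.
def cve_2022_28738_status(version_string)
  # Keep only major.minor.teeny. A patchlevel suffix such as "p0" must be
  # dropped, because Gem::Version would sort "3.0.4p0" *below* "3.0.4".
  match = version_string.to_s.match(/(\d+)\.(\d+)\.(\d+)/)
  return :invalid unless match

  series = "#{match[1]}.#{match[2]}"
  return :not_affected if UNAFFECTED_SERIES.include?(series)

  fixed = FIXED_IN[series]
  return :not_listed unless fixed # advisory is silent on this series

  Gem::Version.new(match[0]) < fixed ? :affected : :fixed
end

# Classify every host in a { hostname => version string } inventory.
def audit(inventory)
  inventory.to_h { |host, version| [host, cve_2022_28738_status(version)] }
end

# Constructed sample inventory (hostnames and strings are made up).
SAMPLE_INVENTORY = {
  "app-01"   => "ruby 3.0.3p0 (constructed sample line)",
  "app-02"   => "ruby 3.0.4p0 (constructed sample line)",
  "worker-1" => "3.1.0preview1",
  "worker-2" => "3.1.2",
  "legacy-1" => "2.7.5",
  "legacy-2" => "2.5.9",
  "broken"   => "unknown",
}.freeze

if __FILE__ == $PROGRAM_NAME
  audit(SAMPLE_INVENTORY).each { |host, status| puts format("%-9s %s", host, status) }
  puts format("%-9s %s", "this-ruby", cve_2022_28738_status(RUBY_VERSION))
end
```

Hosts reported as `:affected` are the ones to move to 3.0.4 or 3.1.2; `:not_listed` results need a separate check because the advisory makes no statement about those series.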
