Posted by mame on 12 Apr 2022
A double-free vulnerability has been discovered in Regexp compilation. This vulnerability has been assigned the CVE identifier CVE-2022-28738. We strongly recommend upgrading Ruby.
Details
Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a “double free” vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object generated from untrusted input. In this case, however, following a comprehensive assessment, we treat this issue as a vulnerability.
Please update Ruby to 3.0.4 or 3.1.2.
Affected versions
- ruby 3.0.3 or prior
- ruby 3.1.1 or prior
Note that ruby 2.6 series and 2.7 series are not affected.
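To check an interpreter against the ranges above, the following Ruby script classifies a version string. It is an added example, not part of the original advisory or of Ruby itself; the method name `cve_2022_28738_status` and the `:unknown` result for series the advisory does not mention are assumptions of this example.

```ruby
require "rubygems" # provides Gem::Version for correct version comparison

# Fixed releases named in the advisory, keyed by release series.
FIXED_IN = {
  "3.0" => Gem::Version.new("3.0.4"),
  "3.1" => Gem::Version.new("3.1.2"),
}.freeze

# Series the advisory explicitly states are not affected.
UNAFFECTED_SERIES = %w[2.6 2.7].freeze

# Returns :affected, :not_affected, or :unknown.
# :unknown covers series the advisory says nothing about and
# strings that cannot be parsed as a version (assumption of this example).
def cve_2022_28738_status(version_string)
  version = Gem::Version.new(version_string)
  series = version.segments.first(2).join(".")
  return :not_affected if UNAFFECTED_SERIES.include?(series)

  fixed = FIXED_IN[series]
  return :unknown unless fixed

  # Anything in an affected series below its fixed release is vulnerable,
  # including preview and release-candidate builds of that series.
  version < fixed ? :affected : :not_affected
rescue ArgumentError
  :unknown
end

# Report the status of the interpreter running this script.
if __FILE__ == $PROGRAM_NAME
  puts "ruby #{RUBY_VERSION}: #{cve_2022_28738_status(RUBY_VERSION)}"
end
```

Run it with each Ruby installation on a host (for example, every version managed by a version switcher), since the result reflects only the interpreter executing the script.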
Credits
Thanks to piao for discovering this issue.
History
- Originally published at 2022-04-12 12:00:00 (UTC)