CVE-2022-28738: Double free in Regexp compilation

Posted by mame on 12 Apr 2022

A double-free vulnerability is discovered in Regexp compilation. This vulnerability has been assigned the CVE identifier CVE-2022-28738. We strongly recommend upgrading Ruby.

Details

Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a “double free” vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object generated from untrusted input. In this case, however, following a comprehensive assessment, we treat this issue as a vulnerability.

Please update Ruby to 3.0.4, or 3.1.2.

Affected versions

ruby 3.0.3 or prior
ruby 3.1.1 or prior

Note that ruby 2.6 series and 2.7 series are not affected.

Credits

Thanks to piao for discovering this issue.

History

Originally published at 2022-04-12 12:00:00 (UTC)
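The version bounds in the advisory above can be turned into an inventory check. The following is an added example, not code from the advisory or from the Ruby project; the function names, host names and sample inventory are constructed, and any series the advisory does not mention is reported as unknown rather than guessed.

```ruby
# Added example: classify Ruby versions against the bounds stated in the
# advisory for CVE-2022-28738. Names and sample data are constructed.
require "rubygems" # Gem::Version; loaded by default in a normal Ruby

# First fixed release in each affected series, as given in the advisory.
FIXED_IN = {
  "3.0" => Gem::Version.new("3.0.4"),
  "3.1" => Gem::Version.new("3.1.2")
}.freeze

# Series the advisory explicitly lists as not affected.
NOT_AFFECTED_SERIES = %w[2.6 2.7].freeze

# Returns :affected, :fixed, :not_affected, or :unknown for a version string
# such as RUBY_VERSION. :unknown means the advisory says nothing about it.
def cve_2022_28738_status(version_string)
  version = Gem::Version.new(version_string)
  series = version.segments.first(2).join(".")
  return :not_affected if NOT_AFFECTED_SERIES.include?(series)

  fixed = FIXED_IN[series]
  return :unknown if fixed.nil?

  version < fixed ? :affected : :fixed
end

# Maps each affected host to the release the advisory says to update to.
def upgrade_plan(inventory)
  inventory.each_with_object({}) do |(host, version), plan|
    next unless cve_2022_28738_status(version) == :affected

    series = Gem::Version.new(version).segments.first(2).join(".")
    plan[host] = FIXED_IN[series].to_s
  end
end

# Constructed sample inventory (host name => interpreter version).
SAMPLE_INVENTORY = {
  "web-1" => "3.0.3", "web-2" => "3.0.4", "job-1" => "3.1.1",
  "job-2" => "3.1.2", "legacy-1" => "2.7.6", "edge-1" => "3.2.0"
}.freeze

if __FILE__ == $PROGRAM_NAME
  puts "this interpreter (#{RUBY_VERSION}): #{cve_2022_28738_status(RUBY_VERSION)}"
  upgrade_plan(SAMPLE_INVENTORY).each { |host, target| puts "#{host}: upgrade to #{target}" }
end
```

Hosts reported as unknown need a check against the distribution's own errata, since backported fixes do not change the upstream version number.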
Created ruby tracking bugs for this issue: Affects: fedora-all [bug 2078342]
Created ruby:3.0/ruby tracking bugs for this issue: Affects: fedora-all [bug 2078343]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6450 https://access.redhat.com/errata/RHSA-2022:6450
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6585 https://access.redhat.com/errata/RHSA-2022:6585
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2022:6855 https://access.redhat.com/errata/RHSA-2022:6855
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-28738