From 3d893c37de5acd724f8c6458d7234146a209ac3a Mon Sep 17 00:00:00 2001 From: Yasuhiro Kimura Date: Wed, 13 Apr 2022 11:46:00 +0900 Subject: security/vuxml: Document double free vulnerability in Ruby --- security/vuxml/vuln-2022.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 4017ed890967..a535735eb3a1 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,47 @@ + + Ruby -- Double free in Regexp compilation + + + ruby + 3.0.0,13.0.4,1 + 3.1.0,13.1.2,1 + + + ruby30 + 3.0.0,13.0.4,1 + + + ruby31 + 3.1.0,13.1.2,1 + + + + +

piao reports:

+
+ Due to a bug in the Regexp compilation process, creating + a Regexp object with a crafted source string could cause + the same memory to be freed twice. This is known as a + "double free" vulnerability. Note that, in general, it + is considered unsafe to create and use a Regexp object + generated from untrusted input. In this case, however, + following a comprehensive assessment, we treat this issue + as a vulnerability. +
+

+ + + + CVE-2022-28738 + https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/ + + + 2022-04-12 + 2022-04-13 + + + Chromium -- mulitple vulnerabilities -- cgit v1.2.3