Vulnerability CVE-2022-28738: Information

Description

A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp from untrusted user input, an attacker may be able to write to unexpected memory locations.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-28738
Published: May 9, 2022
Modified: Jan. 24, 2024
Error type identifier: CWE-415

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
rubysisyphus2.7.6-alt13.1.4-alt4.4ALT-PU-2022-2026-1296637Fixed
rubysisyphus_e2k3.1.4-alt4.33.1.4-alt4.4ALT-PU-2024-6691-1-Fixed
rubysisyphus_riscv642.7.6-alt13.1.4-alt4.4ALT-PU-2022-5266-1-Fixed
rubyp103.1.2-alt0.13.1.4-alt2.p10.1ALT-PU-2023-4264-4307833Fixed
rubyp10_e2k3.1.4-alt2.p10.1.E2K.13.1.4-alt2.p10.1.E2K.1ALT-PU-2024-7107-1-Fixed
rubyc10f13.1.4-alt2.p10.12.7.4-alt2.2.1ALT-PU-2024-7811-2334397Testing
rubyc9f22.7.6-alt0.1.c9f22.7.6-alt0.1.c9f2ALT-PU-2022-2699-1300222Fixed
rubyp112.7.6-alt13.1.4-alt4.4ALT-PU-2022-2026-1296637Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://security-tracker.debian.org/tracker/CVE-2022-28738
  • Patch
  • Third Party Advisory
https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/
  • Vendor Advisory
https://hackerone.com/reports/1220911
  • Permissions Required
  • Third Party Advisory
https://security.netapp.com/advisory/ntap-20220624-0002/
  • Third Party Advisory
GLSA-202401-27

      1. Configuration 1

        cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
        Start including
        3.1.0
        End excliding
        3.1.2
        cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
        Start including
        3.0.0
        End excliding
        3.0.4
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.3
    Back to top