CVE-2022-28738: Double free in Regexp compilation
High
Vulnerability Details
Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a “double free” vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object generated from untrusted input. In this case, however, following a comprehensive assessment, we treat this issue as a vulnerability.
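The advisory's general point is that pattern source built from untrusted input should never reach the Regexp compiler. The following is an added example, not code from the report or from the Ruby project, showing the unsafe construction beside two hardened alternatives: escaping user text so it is compiled as a literal, and letting callers select from a fixed set of application-defined patterns rather than supplying pattern source. The pattern names and sample lines are constructed for illustration.

```ruby
# Unsafe construction: the user-controlled string is compiled as regex source.
# Metacharacters change match semantics, and any byte sequence the user supplies
# is handed straight to the compiler, which is the surface the report concerns.
def unsafe_matcher(user_text)
  Regexp.new(user_text)
end

# Hardened construction: Regexp.escape neutralises every metacharacter, so the
# compiler only ever sees a literal string. Options are limited to a single flag
# the application chooses; the user never controls them.
def literal_matcher(user_text, ignore_case: false)
  Regexp.new(Regexp.escape(user_text), ignore_case ? Regexp::IGNORECASE : 0)
end

# When real regex features are needed, expose an allowlist of patterns written
# by the developer. Users pick a key; they never supply pattern source.
# The entries here are illustrative assumptions, not from the report.
NAMED_PATTERNS = {
  "word"   => /\A\w+\z/,
  "digits" => /\A\d+\z/,
}.freeze

def named_matcher(name)
  NAMED_PATTERNS.fetch(name) do
    raise ArgumentError, "unknown pattern #{name.inspect}"
  end
end

# Literal search over a collection of lines using the hardened matcher.
def search(lines, user_text)
  re = literal_matcher(user_text)
  lines.select { |line| re.match?(line) }
end

# Constructed sample input, including a line that contains conditional-group
# syntax similar in shape to the report's PoC so the escaping path is exercised.
SAMPLE_LINES = ["price is 1.50", "price is 1x50", "(?(1)group)"].freeze

if __FILE__ == $PROGRAM_NAME
  p search(SAMPLE_LINES, "1.50")
  p search(SAMPLE_LINES, "(?(1)group)")
end
```

The contrast to note is the second sample line: with `unsafe_matcher` the dot in "1.50" matches any character, so "1x50" is also returned, while `literal_matcher` returns only the exact text the user typed.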
PoC:
```shell
ruby -e '/(\\x15\\x17\\xE2\\xF5\\xF5\\xF5\\xC2\\x04\\x08J,\\x00\\xD0\\x00\\x00(?(1)\\xF5\\xF5\\xF5\\xD7\\xF5\\xF5\\xF5\\x87\\x04\\xFA555\\xBEJ,\\x18FF\\x15\\xFF|\\x03\\x01\\x00\\x01\\x00\\x00\\x8F\r|)44\\x00\\x8F\r|)+/m'
```
## Impact
May lead to an RCE attack in combination with marshal.load.
Report Stats
- Report ID: 1549636
- State: Closed
- Substate: resolved
- Upvotes: 26