Key Information Title free5gc PCF v4.1.0 Denial of Service Description Vulnerability Description: - Sending an HTTP CreateSmPolicy request causes downstream OpenAPI calls to return a 404 Not Found error. After processing the request, the PCF continues executing the request handler and triggers a null pointer dereference in (around line 82), leading to the PCF process crashing and resulting in a denial of service. Credit Submitters: Ziyu Lin, Xiaofeng Wang, Wei Dong (Nanyang Technological University) CVSS 3.1 CVSS v3.1: 3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Reproduction Steps Command-line Reproduction Command: Expected Behavior The PCF should gracefully handle failures in downstream OpenAPI calls (e.g., 404 Not Found errors).