Vulnerability Summary Vulnerability Overview Vulnerability Name: sharkd: NULL pointer dereference in setcomment when comment parameter is omitted Vulnerability Type: NULL pointer dereference Trigger Condition: Sending a malformed JSON-RPC request to without including the parameter causes the program to crash. Root Cause: The parameter in the method is marked as . Consequently, when a client omits this parameter, returns . This value is then passed directly to functions such as without any null pointer checks. Impact Scope Affected Component: daemon Potential Consequences: Program crash (segmentation fault), potentially leading to Denial of Service (DoS). Remediation Fix Status: Closed Fix Method: Add a check for near line in before calling functions like . Steps to Reproduce 1. Run with AddressSanitizer using the following command: 2. Send a request using the provided POC file . POC Code The page mentions a POC file named and notes that any pcap file can be used for this test (e.g., ). Although the specific content of the POC file is not directly displayed in the screenshot, based on the vulnerability description, its content should be a JSON-RPC request that omits the parameter. The approximate structure of the POC is as follows: (Note: The above JSON structure is inferred from the vulnerability description and common JSON-RPC formats. The actual content of the POC file may vary slightly, but the core aspect is the omission of the parameter.)