Vulnerability Summary: sharkd: cf_open does not release previous capture wtap object Vulnerability Overview In lines 431-483 of the file, the function fails to release the and pointers when overwriting . This results in a memory leak of approximately 440 KB each time a capture file is loaded via a JSON-RPC request. Impact Scope Attack Scenario: An unauthenticated attacker can trigger an infinite loop of load requests on the sharkd socket, causing unbounded memory growth (Denial of Service). Affected Component: Wireshark's sharkd service. Remediation Status: Completed (Done). Reproduction Steps: 1. Run sharkd with ASAN options: 2. Send JSON data containing multiple load requests (refer to the content of in the Sample capture file). POC Code