Wireshark sharkd
Moderate fix2 remedies
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= 4.6.0, <= 4.6.4
- >= 4.4.0, <= 4.4.14
Wireshark Sharkd Denial-of-Service Vulnerability via NULL Pointer Dereference
Vulnerability
Patched
A denial-of-service vulnerability has been identified in the Wireshark sharkd utility, specifically in versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. The issue arises from a NULL pointer dereference in the 'setcomment' method, where the comment parameter is optional. When omitted, it leads to a crash by causing a read access violation. This vulnerability can be exploited by sending a malformed JSON-RPC request that omits the comment parameter, causing sharkd to crash when the missing value is processed.
Impact
Exploitation of this vulnerability leads to a crash of the sharkd utility, causing a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by running the sharkd utility with AddressSanitizer enabled, and piping a JSON-RPC request that omits the 'comment' parameter into the process. This can be done using a simple JSON file that removes the comment attribute from the 'setcomment' method, which will trigger the NULL pointer dereference and crash the application.
Remediation
Users are advised to upgrade to Wireshark versions 4.6.5, 4.4.15 or later.
Added: Apr 30, 2026, 6:18 AM
Updated: Apr 30, 2026, 6:18 AM
Vulnerability Rating
Custom Algorithm
spread
7.8impact
2.5exploitability
6.0remediation
7.7relevance
7.1threat
6.4urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.