The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
{ "vanir_signatures": [ { "digest": { "length": 2311.0, "function_hash": "109988072515468496425026116644756917418" }, "source": "https://github.com/the-tcpdump-group/tcpdump/commit/aa3e54f594385ce7e1e319b0c84999e51192578b", "id": "CVE-2018-14468-03f38018", "signature_version": "v1", "target": { "file": "print-fr.c", "function": "mfr_print" }, "signature_type": "Function", "deprecated": false }, { "digest": { "line_hashes": [ "190363503508851327864638643022534572503", "165025868637319950258452157378221762251", "86930679929499363454661396384072568889", "222498012124375742973640888207430069867" ], "threshold": 0.9 }, "source": "https://github.com/the-tcpdump-group/tcpdump/commit/aa3e54f594385ce7e1e319b0c84999e51192578b", "id": "CVE-2018-14468-f7adefa6", "signature_version": "v1", "target": { "file": "print-fr.c" }, "signature_type": "Line", "deprecated": false } ] }