The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6printlshdr().
{ "vanir_signatures": [ { "target": { "file": "print-ospf6.c", "function": "ospf6_print_lshdr" }, "id": "CVE-2018-14880-614aa40a", "source": "https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6", "digest": { "length": 600.0, "function_hash": "188560991635104036514816831508549051039" }, "signature_version": "v1", "signature_type": "Function", "deprecated": false }, { "target": { "file": "print-ospf6.c" }, "id": "CVE-2018-14880-799c93a4", "source": "https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6", "digest": { "line_hashes": [ "196203721336365200924657813082473960363", "160017831034034583053609807410743322505", "119102234914986877001736310012320517756", "214896492921943120984873172864605545717", "48870936270048000475787241693342864286" ], "threshold": 0.9 }, "signature_version": "v1", "signature_type": "Line", "deprecated": false } ] }