tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. Reproducer: https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/util-print
Created tcpdump tracking bugs for this issue: Affects: fedora-all [bug 1475364]
This issue was addressed in Red Hat Enterprise Linux 7 via RHEA-2018:0705, which rebased tcpdump to 4.9.2: https://access.redhat.com/errata/RHEA-2018:0705