The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:getnextfile().
{ "urgency": "not yet assigned" }