The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
CVE-2018-16300 (Candidate) is related to these bugs: