The BGP decoding routines in tcpdump 3.6.x prior to 3.7 do not properly copy data, which allows remote malicious users to cause a denial of service (application crash).
lbl tcpdump