diff --git a/sys/include/net/tcp.h b/sys/include/net/tcp.h
index 408fed316b..899893c612 100644
--- a/sys/include/net/tcp.h
+++ b/sys/include/net/tcp.h
@@ -49,6 +49,7 @@ extern "C" {
  * @brief TCP option "length"-field values.
  * @{
  */
+#define TCP_OPTION_LENGTH_MIN (2U)    /**< Mimimum amount of bytes needed for an option with a length field */
 #define TCP_OPTION_LENGTH_MSS (0x04)  /**< MSS Option Size always 4 */
 /** @} */
 
diff --git a/sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c b/sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c
index aaca03fa6f..6b8c564073 100644
--- a/sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c
+++ b/sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c
@@ -51,7 +51,7 @@ int _option_parse(gnrc_tcp_tcb_t *tcb, tcp_hdr_t *hdr)
                 continue;
 
             case TCP_OPTION_KIND_MSS:
-                if (option->length > opt_left || option->length != TCP_OPTION_LENGTH_MSS) {
+                if (opt_left < TCP_OPTION_LENGTH_MIN || option->length > opt_left || option->length != TCP_OPTION_LENGTH_MSS) {
                     DEBUG("gnrc_tcp_option.c : _option_parse() : invalid MSS Option length.\n");
                     return -1;
                 }
@@ -66,7 +66,7 @@ int _option_parse(gnrc_tcp_tcb_t *tcb, tcp_hdr_t *hdr)
                 return -1;
         }
 
-        if (option->length > opt_left) {
+        if (opt_left < TCP_OPTION_LENGTH_MIN || option->length > opt_left) {
             DEBUG("gnrc_tcp_option.c : _option_parse() : invalid option length\n");
             return 0;
         }