I'm writing a Wireshark dissector for our CAN bus protocol and I've noticed that tcpdump captures CAN frames twice and its output differs from that of the candump program.
For example, when I execute the following commands:
$ cansend vcan0 123#R
$ cansend vcan0 123#22
tcpdump shows the following output:
$ tcpdump -i vcan0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vcan0, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
00:19:18.372611
0x0000: 2301 0040 0000 0000 0000 0000 0000 0000 #..@............
00:19:18.374097
0x0000: 2301 0040 0000 0000 0000 0000 0000 0000 #..@............
00:19:33.605064
0x0000: 2301 0000 0100 0000 2200 0000 0000 0000 #.......".......
00:19:33.610799
0x0000: 2301 0000 0100 0000 2200 0000 0000 0000 #.......".......
but candump shows it correctly.
$ candump vcan0
vcan0 123 remote request
vcan0 123 22
tcpdump version
$ tcpdump --version
tcpdump version 4.9.2
libpcap version 1.9.0-PRE-GIT (with TPACKET_V3)
I have two questions:
1. Is there any solution to this problem or is it solved in a newer version?
2. If not, or if a newer version is required, can I use candump in Wireshark remote capture? I know I can preview candump logs, but I would prefer live inspection using remote capture.
Asked by Radovan Beler
(13 rep)
Jan 3, 2025, 12:54 PM
Last activity: Jan 7, 2025, 04:50 PM
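Added example, not part of the original question: a decoder that reads the two distinct hex rows from the tcpdump output above as a Linux struct can_frame and renders them like the candump lines. It assumes the 16 bytes are in little-endian host byte order; the function names are hypothetical, and the flag constants are those of linux/can.h.

```python
import struct

# Flag bits and masks from linux/can.h
CAN_EFF_FLAG = 0x80000000  # extended (29-bit) identifier
CAN_RTR_FLAG = 0x40000000  # remote transmission request
CAN_ERR_FLAG = 0x20000000  # error message frame
CAN_SFF_MASK = 0x000007FF
CAN_EFF_MASK = 0x1FFFFFFF

# Hex rows copied from the tcpdump output in the question.
TCPDUMP_ROWS = [
    "0x0000: 2301 0040 0000 0000 0000 0000 0000 0000 #..@............",
    "0x0000: 2301 0000 0100 0000 2200 0000 0000 0000 #.......\".......",
]

def row_to_bytes(row):
    """Extract the 16 payload bytes from one tcpdump hex row."""
    groups = row.split(":", 1)[1].split()[:8]  # eight 4-hex-digit groups
    return bytes.fromhex("".join(groups))

def decode_can_frame(raw):
    """Decode 16 bytes laid out as struct can_frame (assumed little-endian)."""
    if len(raw) != 16:
        raise ValueError("expected 16 bytes, got %d" % len(raw))
    can_id, dlc = struct.unpack_from("<IB", raw, 0)  # id, then length byte
    if dlc > 8:
        raise ValueError("invalid classic CAN DLC %d" % dlc)
    ext = bool(can_id & CAN_EFF_FLAG)
    return {
        "id": can_id & (CAN_EFF_MASK if ext else CAN_SFF_MASK),
        "extended": ext,
        "rtr": bool(can_id & CAN_RTR_FLAG),
        "error": bool(can_id & CAN_ERR_FLAG),
        "data": raw[8:8 + dlc],  # payload starts after 3 padding bytes
    }

def format_like_candump(iface, frame):
    """Render a decoded frame similarly to the candump lines in the question."""
    ident = "%08X" % frame["id"] if frame["extended"] else "%03X" % frame["id"]
    if frame["rtr"]:
        return "%s %s remote request" % (iface, ident)
    return "%s %s %s" % (iface, ident, " ".join("%02X" % b for b in frame["data"]))

if __name__ == "__main__":
    for row in TCPDUMP_ROWS:
        print(format_like_candump("vcan0", decode_can_frame(row_to_bytes(row))))
```

Under that assumption, both rows decode to the same ID and payload that candump reports, so the raw bytes carry the same frame content and only the presentation differs.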