The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response.
Debian Linux Security Advisory 3534-1 - Guido Vranken discovered several vulnerabilities in dhcpcd, a DHCP client, which may result in denial of service.