CVE-2015-6392 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability (cisco-sa-20161005-dhcp1)

A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to improper validation of crafted DHCPv4 offer packets. The vulnerability can be triggered by crafted DHCP packets processed by a DHCP relay agent or smart relay agent listening on the device using the IPv4 broadcast address or the IPv4 unicast address of any interface configured on a device.

An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash.

Refer to Cisco advisory cisco-sa-20161005-dhcp1 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

cisco-sa-20161005-dhcp1: Cisco NX-OS