It was found that omapi code doesn't free socket descriptor if empty message was sent by client, which allows malicious client to use up all available descriptors causing Denial of Service.
Created dhcp tracking bugs for this issue:
Affects: fedora-all [bug 1523547]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2018:0158 https://access.redhat.com/errata/RHSA-2018:0158