Worse case scenerio: Buffer Overflow->Code Execution in poorly coded clients.
This is a specific DoS attack vector that has nothing to do with buffer overflows.
The worse case scenario is that no transactions are confirmed for a while until centralized mining intervenes.