CVE-2014-3199 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)
The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping a worker process that had been handling an Event object.