CVE 2014-1718

Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/ in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory.

See the CVE page on for more details.