WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function for a purpose other than initializing a bitvector size, and resizeSlow mishandles cases where the old array length is greater than the new array length.