Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service and possibly execute arbitrary code via huge allocation.