Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration
If an application is making use of the deprecated kit protocol HALs as the communication channel to the target device an attacker can masquerade as a device and return malformed packets of arbitrary length which the protocol stack will write to the stack.