[drewcoo]

https://learn.microsoft.com/en-us/windows/win32/winsock/serv...

And here they explain that if you use SOCK_RAW, you should look out for bad datagrams:

https://learn.microsoft.com/en-us/windows/win32/winsock/tcp-...

[cryptonector]

So is this a vulnerability in specific raw sockets applications (i.e., you could get it right in the application), or a vulnerability in the Windows kernel's TCP/IP stack that is only exploitable when there is a raw sockets application running?