The software defines an IOCTL that uses METHOD_NEITHER for I/O,
					but it does not validate or incorrectly validates the addresses that are
					provided.When an IOCTL uses the METHOD_NEITHER option for I/O control, it is the
						responsibility of the IOCTL to validate the addresses that have been
						supplied to it. If validation is missing or incorrect, attackers can supply
						arbitrary memory addresses, leading to code execution or a denial of
						service.