Something is causing the driver to go looey... you’d think that part of the kernel would be armor plated against this kind of roto rooter. Data that goes one inch beyond what it should will be cut off. Still thinking buffer overflow, that is Occam’s Razor view of the problem.
I’ve seen attacks occur without so much as a blip in resource monitoring. The most reliable monitoring for hacking is through network tools. It’s amazing what the Chinese and Russians try to do against your average network on a daily basis.