During the TLS handshake, the Finished message ensures that the handshake has not been tampered with by an active attacker. If a memory allocation fails or a cryptographic hardware driver returns an error at a specific point during the handshake, the Finished message will be incorrectly calculated to be the contents of uninitialized stack memory.
