From: Greg Kroah-Hartman <gre...@linuxfoundation.org> Date: Fri, 20 Sep 2019 09:35:44 +0200
> Ori Nimron pointed out that there are a number of places in the kernel > where you can create a raw socket, without having to have the > CAP_NET_RAW permission. > > To resolve this, here's a short patch series to test these odd and old > protocols for this permission before allowing the creation to succeed > > All patches are currently against the net tree. Applied and queued up for -stable.
