diff --git a/[refs] b/[refs]
index 0747f4dbcf42..6b6852d6c7e7 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 206daaf77f68ce0f103164e6406336068c87a4a5
+refs/heads/master: 82fac0542e11c0d3316cc8fdafd2a990d2aab692
diff --git a/trunk/net/ipv4/netfilter/ip_tables.c b/trunk/net/ipv4/netfilter/ip_tables.c
index 78a44b01c035..4b90927619b8 100644
--- a/trunk/net/ipv4/netfilter/ip_tables.c
+++ b/trunk/net/ipv4/netfilter/ip_tables.c
@@ -1932,6 +1932,9 @@ compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
 {
 	int ret;
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	switch (cmd) {
 	case IPT_SO_GET_INFO:
 		ret = get_info(user, len, 1);