atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. CREATE(Triage):(User=admin) [CVE-2019-17054|https://nvd.nist.gov/vuln/detail/CVE-2019-17054]