net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsockopt call.
Exploitability
AV:LAC:HAu:NImpact
C:CI:CA:C6.2/AV:L/AC:H/Au:N/C:C/I:C/A:C