--- zzzz-none-000/linux-4.4.60/net/sctp/socket.c	2017-04-08 07:53:53.000000000 +0000
+++ scorpion-7490-727/linux-4.4.60/net/sctp/socket.c	2021-02-04 17:41:59.000000000 +0000
@@ -4419,6 +4419,10 @@
 	struct socket *sock;
 	int err = 0;
 
+	/* Do not peel off from one netns to another one. */
+	if (!net_eq(current->nsproxy->net_ns, sock_net(sk)))
+		return -EINVAL;
+
 	if (!asoc)
 		return -EINVAL;