diff --git a/sys_linux.c b/sys_linux.c
index af45066..411ceec 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -438,12 +438,13 @@ SYS_Linux_DropRoot(uid_t uid, gid_t gid, int clock_control)
 UTI_DropRoot(uid, gid);
 /* Keep CAP_NET_BIND_SERVICE if the NTP server sockets may need to be bound.
- Keep CAP_NET_RAW if an NTP socket may need to be bound to a device.
+ Keep CAP_NET_RAW if an NTP socket may need to be bound to a device on
+ kernels before 5.7.
 Keep CAP_SYS_TIME if the clock control is enabled. */
 if (snprintf(cap_text, sizeof (cap_text), "%s %s %s",
 CNF_GetNTPPort() ? "cap_net_bind_service=ep" : "",
- CNF_GetBindNtpInterface() || CNF_GetBindAcquisitionInterface() ?
- "cap_net_raw=ep" : "",
+ (CNF_GetBindNtpInterface() || CNF_GetBindAcquisitionInterface()) &&
+ !SYS_Linux_CheckKernelVersion(5, 7) ? "cap_net_raw=ep" : "",
 clock_control ? "cap_sys_time=ep" : "") >= sizeof (cap_text))
 assert(0);
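Review bot: The `cap_net_raw` argument of the `snprintf()` call is now gated only on `SYS_Linux_CheckKernelVersion(5, 7)`, so a device bind after the privilege drop depends on the reported kernel version rather than on what the running kernel actually permits, and the comment does not say why 5.7 is the cut-off. As far as I know, 5.7 is where SO_BINDTODEVICE stopped requiring CAP_NET_RAW, and only for a socket not yet bound to a device; I would record that in the comment, e.g. `Since 5.7 an unprivileged process can bind a not-yet-bound socket to a device, so CAP_NET_RAW is kept only on older kernels.` It is also worth confirming, outside this hunk, that a device bind failing after the drop is logged clearly, since that would be the only symptom if the assumption does not hold on some kernel. The test relies on `&&` binding tighter than `?:`; wrapping it as `((CNF_GetBindNtpInterface() || CNF_GetBindAcquisitionInterface()) && !SYS_Linux_CheckKernelVersion(5, 7)) ? "cap_net_raw=ep" : "",` makes the least-privilege decision easier to audit. SYS_Linux_DropRoot's body starts and ends outside the hunk.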