diff --git a/0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch b/0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch
new file mode 100644
index 0000000000000000000000000000000000000000..f0e872bccb5f4071d9739677df8d74dc075a2199
--- /dev/null
+++ b/0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch
@@ -0,0 +1,24 @@
+From 0c3840e614e49090785ae8b33ff00c59d354c188 Mon Sep 17 00:00:00 2001
+From: Huzaifa Sidhpurwala
+Date: Wed, 16 May 2018 09:16:19 +0530
+Subject: [PATCH] Missing return on error causes use-after-free in SASL code
+
+---
+ src/rdkafka_sasl_scram.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/rdkafka_sasl_scram.c b/src/rdkafka_sasl_scram.c
+index 968d8791..6d955452 100644
+--- a/src/rdkafka_sasl_scram.c
++++ b/src/rdkafka_sasl_scram.c
+@@ -602,6 +602,7 @@ rd_kafka_sasl_scram_handle_server_first_message (rd_kafka_transport_t *rktrans,
+ "Invalid Base64 Salt in server-first-message");
+ rd_free(server_nonce);
+ rd_free(salt_b64.ptr);
++ return -1;
+ }
+ rd_free(salt_b64.ptr);
+
+--
+2.42.0.windows.2
+
diff --git a/librdkafka.spec b/librdkafka.spec
index b054ed2a351f564d783355f62a6bfd0da60a59f4..8b65a780ec2450e013e0ecdd766103279c6e6c07 100644
--- a/librdkafka.spec
+++ b/librdkafka.spec
@@ -1,6 +1,6 @@
 Name: librdkafka
 Version: 0.11.4
-Release: 5
+Release: 6
 Summary: C library implementation of the Apache Kafka protocol
 License: BSD
 URL: https://github.com/edenhill/librdkafka
@@ -9,6 +9,7 @@ Source0: https://github.com/edenhill/librdkafka/archive/v%{version}.tar.g
 BuildRequires: gcc-c++ python3 openssl-devel cyrus-sasl-devel lz4-devel
 Patch0001: 0001-tests-skip-tests-on-Win32-that-rely-on-kafka-topics.patch
+Patch0002: 0001-Missing-return-on-error-causes-use-after-free-in-SAS.patch
 %description
 ibrdkafka is a C library implementation of the Apache Kafka protocol, providing Producer, Consumer
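Review bot: The added `return -1;` in the invalid-salt branch of the embedded rdkafka_sasl_scram.c patch carries no comment saying why the branch must not fall through, and that reason is easy to lose in a later refactor. Without the return, the `rd_free(salt_b64.ptr);` directly after the closing brace frees the same pointer a second time, and `server_nonce` has already been released; its later use is outside the hunk and is presumably the use-after-free the subject names. I would put `/* Bail out: server_nonce and salt_b64.ptr are already freed; falling through would free salt_b64.ptr again. */` above the return. The function starts and ends outside the hunk, so whether buffers allocated earlier in it are released on this path should be confirmed against the full file.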
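Review bot: `Patch0002` is declared in the second librdkafka.spec hunk, but nothing in this diff touches `%prep`, so whether the fix is actually applied at build time depends on lines that are not shown. If `%prep` uses `%autosetup -p1` or `%autopatch`, the new patch is picked up automatically. If patches are applied one by one, a matching line such as `%patch0002 -p1` is needed, otherwise release 6 ships with the memory-safety fix declared but not applied. The new file also reuses the `0001-` prefix of the existing patch; renaming it to `0002-…` would keep the file order aligned with the `PatchNNNN` numbering.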
@@ -55,6 +56,9 @@ make check
 %{_libdir}/pkgconfig/*
 %changelog
+* Wed Dec 27 2023 liubo - 0.11.4-6
+- Missing return on error causes use-after-free in SASL code
+
 * Mon Dec 25 2023 liubo - 0.11.4-5
 - tests: skip tests on Win32 that rely on kafka-topics.sh