diff --git a/patches.suse/kcm-Only-allow-TCP-sockets-to-be-attached-to-a-KCM-m.patch b/patches.suse/kcm-Only-allow-TCP-sockets-to-be-attached-to-a-KCM-m.patch
new file mode 100644
index 0000000..9c4257a
--- /dev/null
+++ b/patches.suse/kcm-Only-allow-TCP-sockets-to-be-attached-to-a-KCM-m.patch
@@ -0,0 +1,44 @@
+From 3acd879fb272b36a8137aae0b591221fed3837a0 Mon Sep 17 00:00:00 2001
+From: Tom Herbert <tom@quantonium.net>
+Date: Wed, 24 Jan 2018 12:35:40 -0800
+Subject: [PATCH] kcm: Only allow TCP sockets to be attached to a KCM mux
+Git-commit: 581e7226a5d43f629eb6399a121f85f6a15f81be
+Patch-mainline: v4.15
+References: git-fixes
+
+TCP sockets for IPv4 and IPv6 that are not listeners or in closed
+stated are allowed to be attached to a KCM mux.
+
+Fixes: ab7ac4eb9832 ("kcm: Kernel Connection Multiplexor module")
+Reported-by: syzbot+8865eaff7f9acd593945@syzkaller.appspotmail.com
+Signed-off-by: Tom Herbert <tom@quantonium.net>
+Reviewed-by: Eric Dumazet <edumazet@google.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Denis Kirjanov <denis.kirjanov@suse.com>
+---
+ net/kcm/kcmsock.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/net/kcm/kcmsock.c b/net/kcm/kcmsock.c
+index 473ad3ebdff2..c6e325199495 100644
+--- a/net/kcm/kcmsock.c
++++ b/net/kcm/kcmsock.c
+@@ -1387,8 +1387,13 @@ static int kcm_attach(struct socket *soc
+ 	if (!csk)
+ 		return -EINVAL;
+ 
+-	/* We must prevent loops or risk deadlock ! */
+-	if (csk->sk_family == PF_KCM)
++	/* Only allow TCP sockets to be attached for now */
++	if ((csk->sk_family != AF_INET && csk->sk_family != AF_INET6) ||
++	    csk->sk_protocol != IPPROTO_TCP)
++		return -EOPNOTSUPP;
++
++	/* Don't allow listeners or closed sockets */
++	if (csk->sk_state == TCP_LISTEN || csk->sk_state == TCP_CLOSE)
+ 		return -EOPNOTSUPP;
+ 
+ 	psock = kmem_cache_zalloc(kcm_psockp, GFP_KERNEL);
+-- 
+2.16.4
+
diff --git a/patches.suse/kcm-lock-lower-socket-in-kcm_attach.patch b/patches.suse/kcm-lock-lower-socket-in-kcm_attach.patch
index 395291b..7b2c171 100644
--- a/patches.suse/kcm-lock-lower-socket-in-kcm_attach.patch
+++ b/patches.suse/kcm-lock-lower-socket-in-kcm_attach.patch
@@ -21,7 +21,7 @@ Signed-off-by: Jiri Slaby <jslaby@suse.cz>
 
 --- a/net/kcm/kcmsock.c
 +++ b/net/kcm/kcmsock.c
-@@ -1381,19 +1381,25 @@ static int kcm_attach(struct socket *soc
+@@ -1381,24 +1381,33 @@ static int kcm_attach(struct socket *soc
  		.parse_msg = kcm_parse_func_strparser,
  		.read_sock_done = kcm_read_sock_done,
  	};
@@ -34,25 +34,32 @@ Signed-off-by: Jiri Slaby <jslaby@suse.cz>
  
 +	lock_sock(csk);
 +
- 	/* We must prevent loops or risk deadlock ! */
--	if (csk->sk_family == PF_KCM)
--		return -EOPNOTSUPP;
-+	if (csk->sk_family == PF_KCM) {
-+		err = -EOPNOTSUPP;
+ 	/* Only allow TCP sockets to be attached for now */
+ 	if ((csk->sk_family != AF_INET && csk->sk_family != AF_INET6) ||
+-	    csk->sk_protocol != IPPROTO_TCP)
++	    csk->sk_protocol != IPPROTO_TCP) {
+ 		return -EOPNOTSUPP;
 +		goto out;
 +	}
  
+ 	/* Don't allow listeners or closed sockets */
+-	if (csk->sk_state == TCP_LISTEN || csk->sk_state == TCP_CLOSE)
++	if (csk->sk_state == TCP_LISTEN || csk->sk_state == TCP_CLOSE) {
+ 		return -EOPNOTSUPP;
++		goto out;
++	}
++
+ 
  	psock = kmem_cache_zalloc(kcm_psockp, GFP_KERNEL);
 -	if (!psock)
--		return -ENOMEM;
 +	if (!psock) {
-+		err = -ENOMEM;
+ 		return -ENOMEM;
 +		goto out;
 +	}
  
  	psock->mux = mux;
  	psock->sk = csk;
-@@ -1402,7 +1408,7 @@ static int kcm_attach(struct socket *soc
+@@ -1407,7 +1416,7 @@ static int kcm_attach(struct socket *soc
  	err = strp_init(&psock->strp, csk, &cb);
  	if (err) {
  		kmem_cache_free(kcm_psockp, psock);
@@ -61,7 +68,7 @@ Signed-off-by: Jiri Slaby <jslaby@suse.cz>
  	}
  
  	sock_hold(csk);
-@@ -1438,7 +1444,10 @@ static int kcm_attach(struct socket *soc
+@@ -1443,7 +1452,10 @@ static int kcm_attach(struct socket *soc
  	/* Schedule RX work in case there are already bytes queued */
  	strp_check_rcv(&psock->strp);
  
diff --git a/series.conf b/series.conf
index aa6d214..46c0828 100644
--- a/series.conf
+++ b/series.conf
@@ -19519,6 +19519,7 @@
 	patches.suse/mlxsw-spectrum_router-Don-t-log-an-error-on-missing-.patch
 	patches.suse/net-sched-em_nbyte-don-t-add-the-data-offset-twice.patch
 	patches.suse/net-sched-fix-TCF_LAYER_LINK-case-in-tcf_get_base_pt.patch
+	patches.suse/kcm-Only-allow-TCP-sockets-to-be-attached-to-a-KCM-m.patch
 	patches.suse/qed-Remove-reserveration-of-dpi-for-kernel.patch
 	patches.suse/qed-Free-reserved-MR-tid.patch
 	patches.suse/i40e-flower-check-if-TC-offload-is-enabled-on-a-netd.patch