diff --git a/patches.suse/wifi-mac80211-fix-crash-in-beacon-protection-for-P2P.patch b/patches.suse/wifi-mac80211-fix-crash-in-beacon-protection-for-P2P.patch
new file mode 100644
index 0000000..52c2c77
--- /dev/null
+++ b/patches.suse/wifi-mac80211-fix-crash-in-beacon-protection-for-P2P.patch
@@ -0,0 +1,60 @@
+From: Johannes Berg
+Date: Wed, 5 Oct 2022 21:24:10 +0200
+Subject: [PATCH] wifi: mac80211: fix crash in beacon protection for P2P-device
+Mime-version: 1.0
+Content-type: text/plain; charset=UTF-8
+Content-transfer-encoding: 8bit
+Patch-mainline: Not yet, embargoed
+References: CVE-2022-42722 bsc#1204125
+
+If beacon protection is active but the beacon cannot be
+decrypted or is otherwise malformed, we call the cfg80211
+API to report this to userspace, but that uses a netdev
+pointer, which isn't present for P2P-Device. Fix this to
+call it only conditionally to ensure cfg80211 won't crash
+in the case of P2P-Device.
+
+This fixes CVE-2022-42722.
+
+Reported-by: Sönke Huster
+Fixes: 9eaf183af741 ("mac80211: Report beacon protection failures to user space")
+Signed-off-by: Johannes Berg
+Signed-off-by: Takashi Iwai
+
+---
+ net/mac80211/rx.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
+index bd215fe3c796..6001adc0a00e 100644
+--- a/net/mac80211/rx.c
++++ b/net/mac80211/rx.c
+@@ -1978,10 +1978,11 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
+ 
+ if (mmie_keyidx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS ||
+ mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS +
+- NUM_DEFAULT_BEACON_KEYS) {
+- cfg80211_rx_unprot_mlme_mgmt(rx->sdata->dev,
+- skb->data,
+- skb->len);
++ NUM_DEFAULT_BEACON_KEYS) {
++ if (rx->sdata->dev)
++ cfg80211_rx_unprot_mlme_mgmt(rx->sdata->dev,
++ skb->data,
++ skb->len);
+ return RX_DROP_MONITOR; /* unexpected BIP keyidx */
+ }
+ 
+@@ -2131,7 +2132,8 @@ ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
+ /* either the frame has been decrypted or will be dropped */
+ status->flag |= RX_FLAG_DECRYPTED;
+ 
+- if (unlikely(ieee80211_is_beacon(fc) && result == RX_DROP_UNUSABLE))
++ if (unlikely(ieee80211_is_beacon(fc) && result == RX_DROP_UNUSABLE &&
++ rx->sdata->dev))
+ cfg80211_rx_unprot_mlme_mgmt(rx->sdata->dev,
+ skb->data, skb->len);
+ 
+--
+2.35.3
+
diff --git a/series.conf b/series.conf
index 41b21d1..f08b8ba 100644
--- a/series.conf
+++ b/series.conf
@@ -14742,6 +14742,7 @@ patches.suse/wifi-cfg80211-fix-BSS-refcounting-bugs.patch
 patches.suse/wifi-cfg80211-avoid-nontransmitted-BSS-list-corrupti.patch
 patches.suse/wifi-mac80211-fix-MBSSID-parsing-use-after-free.patch
+ patches.suse/wifi-mac80211-fix-crash-in-beacon-protection-for-P2P.patch
 ########################################################
 # BPF
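Review bot: The two new `rx->sdata->dev` guards in the embedded net/mac80211/rx.c hunks drop the userspace notification for P2P-Device without saying why, so a later reader may "simplify" the check away; a one-line comment at the first guard, `/* P2P-Device has no netdev, so cfg80211 cannot be notified of the unprotected frame */`, would pin the reason, and the second hunk can refer to it. The frame is still dropped in both paths (`return RX_DROP_MONITOR;` in the first hunk, `result == RX_DROP_UNUSABLE` in the second), so only the report to userspace is lost, which the commit message could state explicitly as the accepted trade-off. The `Patch-mainline: Not yet, embargoed` tag will need to be replaced with the upstream reference once the fix is public. The enclosing function `ieee80211_rx_h_decrypt` starts and ends outside both hunks.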