diff --git a/patches.suse/net-qcom-emac-Fix-use-after-free-bug-in-emac_remove-.patch b/patches.suse/net-qcom-emac-Fix-use-after-free-bug-in-emac_remove-.patch
new file mode 100644
index 0000000..1aac727
--- /dev/null
+++ b/patches.suse/net-qcom-emac-Fix-use-after-free-bug-in-emac_remove-.patch
@@ -0,0 +1,62 @@
+From b41d63baed991a2bad50021f9e045b421afbb0ad Mon Sep 17 00:00:00 2001
+From: Zheng Wang
+Date: Sat, 18 Mar 2023 16:05:26 +0800
+Subject: [PATCH] net: qcom/emac: Fix use after free bug in emac_remove due to
+ race condition
+Git-commit: 6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75
+Patch-mainline: v6.3-rc4
+References: bsc#1211037 CVE-2023-2483
+
+In emac_probe, &adpt->work_thread is bound with
+emac_work_thread. Then it will be started by timeout
+handler emac_tx_timeout or a IRQ handler emac_isr.
+
+If we remove the driver which will call emac_remove
+ to make cleanup, there may be a unfinished work.
+
+The possible sequence is as follows:
+
+Fix it by finishing the work before cleanup in the emac_remove
+and disable timeout response.
+
+CPU0 CPU1
+
+ |emac_work_thread
+emac_remove |
+free_netdev |
+kfree(netdev); |
+ |emac_reinit_locked
+ |emac_mac_down
+ |//use netdev
+Fixes: b9b17debc69d ("net: emac: emac gigabit ethernet controller driver")
+Signed-off-by: Zheng Wang
+
+Signed-off-by: David S. Miller
+Signed-off-by: Denis Kirjanov
+---
+ drivers/net/ethernet/qualcomm/emac/emac.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/drivers/net/ethernet/qualcomm/emac/emac.c b/drivers/net/ethernet/qualcomm/emac/emac.c
+index fffa17b25600..30086da3d7cc 100644
+--- a/drivers/net/ethernet/qualcomm/emac/emac.c
++++ b/drivers/net/ethernet/qualcomm/emac/emac.c
+@@ -757,9 +757,15 @@ static int emac_remove(struct platform_device *pdev)
+ struct net_device *netdev = dev_get_drvdata(&pdev->dev);
+ struct emac_adapter *adpt = netdev_priv(netdev);
+
++ netif_carrier_off(netdev);
++ netif_tx_disable(netdev);
++
+ unregister_netdev(netdev);
+ netif_napi_del(&adpt->rx_q.napi);
+
++ free_irq(adpt->irq.irq, &adpt->irq);
++ cancel_work_sync(&adpt->work_thread);
++
+ emac_clks_teardown(adpt);
+
+ put_device(&adpt->phydev->mdio.dev);
+--
+2.16.4
+
diff --git a/series.conf b/series.conf
index 6797a6f..a80fc3e 100644
--- a/series.conf
+++ b/series.conf
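Review bot: The added `free_irq(adpt->irq.irq, &adpt->irq);` in emac_remove runs after `unregister_netdev(netdev);`, and nothing in the hunk shows where this IRQ is requested or whether the close path already releases it. If the driver requests it in its open handler and frees it in the matching close handler (which unregister_netdev would invoke for an interface that is up), this call would free an IRQ that is already released, or one that was never requested if the interface was never opened. That should be checked against the open/close handlers in the target tree before carrying the backport; if the assumption holds, `cancel_work_sync(&adpt->work_thread);` alone may be enough at this point. The ordering also deserves a comment such as `/* ISR and tx timeout must be quiesced before flushing work_thread; netdev is freed later in this function */`. emac_remove starts and ends outside the inner hunk, so the free_netdev() named in the commit message is not visible here.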
@@ -23108,6 +23108,7 @@
 patches.suse/nfc-st-nci-Fix-use-after-free-bug-in-ndlc_remove-due.patch
 patches.suse/hwmon-xgene-Fix-use-after-free-bug-in-xgene_hwmon_remove-d.patch
 patches.suse/xirc2ps_cs-Fix-use-after-free-bug-in-xirc2ps_detach.patch
+ patches.suse/net-qcom-emac-Fix-use-after-free-bug-in-emac_remove-.patch
 patches.suse/Bluetooth-btsdio-fix-use-after-free-bug-in-btsdio_re.patch
 patches.suse/power-supply-da9150-Fix-use-after-free-bug-in-da9150.patch
 patches.suse/btrfs-fix-race-between-quota-disable-and-quota-assig.patch