diff --git a/patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch b/patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
new file mode 100644
index 0000000..562a0c3
--- /dev/null
+++ b/patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
@@ -0,0 +1,29 @@
+From: Eric Sandeen <sandeen@redhat.com>
+Subject: seq_file: Disallow extremely large seq buffer allocations
+References: bsc#1188062, CVE-2021-33909
+Patch-mainline: Not yet, embargoed security
+
+There is no reasonable need for a buffer larger than this,
+and it avoids int overflow pitfalls.
+
+Suggested-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Eric Sandeen <sandeen@redhat.com>
+Acked-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
+---
+
+---
+ fs/seq_file.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/fs/seq_file.c
++++ b/fs/seq_file.c
+@@ -29,6 +29,9 @@ static void seq_set_overflow(struct seq_
+ 
+ static void *seq_buf_alloc(unsigned long size)
+ {
++	if (unlikely(size > MAX_RW_COUNT))
++		return NULL;
++
+ 	return kvmalloc(size, GFP_KERNEL_ACCOUNT);
+ }
+ 
diff --git a/series.conf b/series.conf
index becaeb5..a0b2c19 100644
--- a/series.conf
+++ b/series.conf
@@ -49735,6 +49735,7 @@
 	patches.suse/cpuidle-pseries-Fixup-CEDE0-latency-only-for-POWER10.patch
 	patches.suse/mmc-sdhci-iproc-cap-min-clock-frequency-on-bcm2711.patch
 	patches.suse/mmc-sdhci-iproc-set-sdhci_quirk_cap_clock_base_broken-on-bcm2711.patch
+	patches.suse/seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
 
 	########################################################
 	# end of sorted patches