diff --git a/0001-Fix-use-afte-free-in-ip_reass-CVE-2020-1983.patch b/0001-Fix-use-afte-free-in-ip_reass-CVE-2020-1983.patch
new file mode 100644
index 0000000..3516a7f
--- /dev/null
+++ b/0001-Fix-use-afte-free-in-ip_reass-CVE-2020-1983.patch
@@ -0,0 +1,48 @@
+From 9bd6c5913271eabcb7768a58197ed3301fe19f2d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?=
+Date: Sat, 4 Apr 2020 22:42:13 +0200
+Subject: [PATCH] Fix use-afte-free in ip_reass() (CVE-2020-1983)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The q pointer is updated when the mbuf data is moved from m_dat to
+m_ext.
+
+m_ext buffer may also be realloc()'ed and moved during m_cat():
+q should also be updated in this case.
+
+Reported-by: Aviv Sasson
+Signed-off-by: Marc-André Lureau
+Reviewed-by: Samuel Thibault
+---
+ src/ip_input.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/ip_input.c b/src/ip_input.c
+index aa514ae..89a01d4 100644
+--- a/src/ip_input.c
++++ b/src/ip_input.c
+@@ -327,8 +327,7 @@ insert:
+ */
+ q = fp->frag_link.next;
+ m = dtom(slirp, q);
+-
+- int was_ext = m->m_flags & M_EXT;
++ int delta = (char *)q - (m->m_flags & M_EXT ? m->m_ext : m->m_dat);
+
+ q = (struct ipasfrag *)q->ipf_next;
+ while (q != (struct ipasfrag *)&fp->frag_link) {
+@@ -351,8 +350,7 @@ insert:
+ * then an m_ext buffer was alloced. But fp->ipq_next points to the old
+ * buffer (in the mbuf), so we must point ip into the new buffer.
+ */
+- if (!was_ext && m->m_flags & M_EXT) {
+- int delta = (char *)q - m->m_dat;
++ if (m->m_flags & M_EXT) {
+ q = (struct ipasfrag *)(m->m_ext + delta);
+ }
+
+--
+2.26.0.106.g9fadedd637
+
diff --git a/libslirp.spec b/libslirp.spec
index 8a5c221..135b3c2 100644
--- a/libslirp.spec
+++ b/libslirp.spec
@@ -1,6 +1,6 @@
 Name: libslirp
 Version: 4.2.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: A general purpose TCP-IP emulator
 # check the SPDX tags in source files for details
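Review bot: The comment directly above the rewritten condition `if (m->m_flags & M_EXT)` in the second inner hunk still explains only the case where m_cat() promoted m_dat to a newly allocated m_ext buffer, while the condition now also covers the realloc()'ed-and-moved m_ext case that the commit message describes, so a reader of ip_input.c is not told why the old `was_ext` guard went away. I would rewrite the comment's last two lines as `* then an m_ext buffer was alloced, or an existing m_ext buffer was realloc()'ed and moved by m_cat(). Either way q still points into the old buffer, so re-base it on the offset saved before concatenation.` Two smaller style points: `delta` stores a pointer difference but is declared `int` (`ptrdiff_t delta = ...` is the conventional type, though the offset is bounded by the mbuf size), and the Subject and file name spell `use-afte-free`, which the `Patch0001:` line in libslirp.spec now repeats. Since this file is a format-patch export of upstream commit 9bd6c591, these are best applied upstream rather than by editing the vendored patch. ip_reass() and the lines between the two inner hunks (where q is presumably reset before the check) lie outside what is shown.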
@@ -8,6 +8,8 @@ License: BSD and MIT
 URL: https://gitlab.freedesktop.org/slirp/%{name}
 Source0: %{url}/-/archive/v%{version}/%{name}-v%{version}.tar.gz
+Patch0001: 0001-Fix-use-afte-free-in-ip_reass-CVE-2020-1983.patch
+
 BuildRequires: git-core
 BuildRequires: meson
 BuildRequires: gcc
@@ -52,6 +54,9 @@ developing applications that use %{name}.
 %changelog
+* Mon Apr 20 2020 Marc-André Lureau - 4.2.0-2
+- CVE-2020-1983 fix
+
 * Tue Mar 17 2020 Marc-André Lureau - 4.2.0-1
 - New v4.2.0 release