diff --git a/SOURCES/nodejs-fips-disable-options.patch b/SOURCES/nodejs-fips-disable-options.patch
new file mode 100644
index 0000000..5338b36
--- /dev/null
+++ b/SOURCES/nodejs-fips-disable-options.patch
@@ -0,0 +1,20 @@
+FIPS related options cause a segfault, let's end sooner
+
+Upstream report: https://github.com/nodejs/node/pull/48950
+RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2227796
+
+This patch makes the part of the code that processes cmd-line options for
+FIPS to end sooner before the code gets to the problematic part of the code.
+
+diff -up node-v18.16.1/src/crypto/crypto_util.cc.origfips node-v18.16.1/src/crypto/crypto_util.cc
+--- node-v18.16.1/src/crypto/crypto_util.cc.origfips	2023-07-31 12:09:46.603683081 +0200
++++ node-v18.16.1/src/crypto/crypto_util.cc	2023-07-31 12:16:16.906617914 +0200
+@@ -111,6 +111,8 @@ bool ProcessFipsOptions() {
+   /* Override FIPS settings in configuration file, if needed. */
+   if (per_process::cli_options->enable_fips_crypto ||
+       per_process::cli_options->force_fips_crypto) {
++      fprintf(stderr, "ERROR: Using options related to FIPS is not recommended, configure FIPS in openssl instead. See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n");
++      return false;
+ #if OPENSSL_VERSION_MAJOR >= 3
+     OSSL_PROVIDER* fips_provider = OSSL_PROVIDER_load(nullptr, "fips");
+     if (fips_provider == nullptr)
diff --git a/SPECS/nodejs.spec b/SPECS/nodejs.spec
index c5ef127..c2d1e27 100644
--- a/SPECS/nodejs.spec
+++ b/SPECS/nodejs.spec
@@ -30,7 +30,7 @@
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease 1
+%global baserelease 2
 
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
 
@@ -182,6 +182,7 @@ Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-
 
 # Disable running gyp on bundled deps we don't use
 Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
+Patch3: nodejs-fips-disable-options.patch
 
 BuildRequires: make
 BuildRequires: python3-devel
@@ -721,6 +722,10 @@ end
 
 
 %changelog
+* Mon Jul 31 2023 Honza Horak <hhorak@redhat.com> - 1:16.20.1-2
+- Fix segfault that happens when processing fips-related options
+  Resolves: BZ#2227796
+
 * Thu Jul 13 2023 Jan Staněk <jstanek@redhat.com> - 1:16.20.1-1
 - Rebase to 16.20.1
   Resolves: rhbz#2188291