diff --git a/openssh-8.0p1-bigsshdconfig.patch b/openssh-8.0p1-bigsshdconfig.patch
new file mode 100644
index 0000000..2158ffe
--- /dev/null
+++ b/openssh-8.0p1-bigsshdconfig.patch
@@ -0,0 +1,13 @@
+diff --git a/msg.c b/msg.c
+index 99c25cd2..574a566e 100644
+--- a/msg.c
++++ b/msg.c
+@@ -77,7 +77,7 @@ ssh_msg_recv(int fd, struct sshbuf *m)
+ return (-1);
+ }
+ msg_len = get_u32(buf);
+- if (msg_len > 256 * 1024) {
++ if (msg_len > sshbuf_max_size(m)) {
+ error("ssh_msg_recv: read: bad msg_len %u", msg_len);
+ return (-1);
+ }
diff --git a/openssh.spec b/openssh.spec
index 91a65ff..d54ec38 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -279,6 +279,8 @@ Patch986: openssh-9.1p1-sshbanner.patch
 Patch987: openssh-8.0p1-ipv6-process.patch
 # Upstream 4332b4fe49360679647a8705bc08f4e81323f6b4
 Patch988: openssh-8.0p1-avoidkillall.patch
+# Upstream 89b54900ac61986760452f132bbe3fb7249cfdac
+Patch989: openssh-8.0p1-bigsshdconfig.patch
 # upsream commit
 # b23fe83f06ee7e721033769cfa03ae840476d280
 Patch1015: openssh-9.3p1-upstream-cve-2023-38408.patch
@@ -518,6 +520,7 @@ popd
 %patch986 -p1 -b .banner
 %patch987 -p1 -b .sftp_ipv6
 %patch988 -p1 -b .killall
+%patch989 -p1 -b .bigsshdconfig
 %patch200 -p1 -b .audit
 %patch201 -p1 -b .audit-race
@@ -819,6 +822,8 @@ getent passwd sshd >/dev/null || \
 Resolves: RHEL-5221
 - Avoid killing all processes on system in case of race condition
 Resolves: RHEL-11548
+- Avoid sshd_config 256K limit
+ Resolves: RHEL-5279
 * Thu Aug 24 2023 Dmitry Belyavskiy - 8.0p1-19
 - rebuilt
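Review bot: In the `ssh_msg_recv` hunk carried by openssh-8.0p1-bigsshdconfig.patch, the new bound `msg_len > sshbuf_max_size(m)` makes the accepted message size depend on how each caller configured `m`, so a buffer left at the sshbuf default ceiling now admits a length prefix far above the old 256 KiB cap. The rest of `ssh_msg_recv` lies outside the hunk, but it presumably reserves and reads `msg_len` bytes right after this check, so any caller reading from a less-trusted peer should cap its buffer with `sshbuf_set_max_size()` before the call. I would add a comment above the check such as `/* upper bound is the caller's sshbuf max size; callers must cap m when the peer is not trusted */`. The 8.0p1 callers are not visible here, so it is also worth confirming that none of them relied on the old fixed limit.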