diff --git a/pam-1.3.1-unix-default-rounds.patch b/pam-1.3.1-unix-default-rounds.patch
new file mode 100644
index 0000000..bb4a156
--- /dev/null
+++ b/pam-1.3.1-unix-default-rounds.patch
@@ -0,0 +1,12 @@
+diff -up Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c.unix-default-rounds Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c
+--- Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c.unix-default-rounds	2023-11-02 09:59:54.533238124 +0100
++++ Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c	2023-11-02 10:40:58.017404936 +0100
+@@ -607,7 +607,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int
+ 	unsigned int ctrl, lctrl;
+ 	int retval;
+ 	int remember = -1;
+-	int rounds = -1;
++	int rounds = 0;
+ 	int pass_min_len = 0;
+ 
+ 	/* <DO NOT free() THESE> */
diff --git a/pam.spec b/pam.spec
index eae7ddd..41fb0a0 100644
--- a/pam.spec
+++ b/pam.spec
@@ -3,7 +3,7 @@
 Summary: An extensible library which provides authentication for applications
 Name: pam
 Version: 1.3.1
-Release: 28%{?dist}
+Release: 29%{?dist}
 # The library is BSD licensed with option to relicense as GPLv2+
 # - this option is redundant as the BSD license allows that anyway.
 # pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+.
@@ -103,6 +103,7 @@ Patch65: pam-1.3.1-pam-misc-configurable.patch
 # https://github.com/linux-pam/linux-pam/commit/530c9f9e2d746e1d168c6b17863debda7664ac7c
 # https://github.com/linux-pam/linux-pam/commit/f7abb8c1ef3aa31e6c2564a8aaf69683a77c2016
 Patch66: pam-1.3.1-unix-enable-bcrypt.patch
+Patch67: pam-1.3.1-unix-default-rounds.patch
 
 %define _pamlibdir %{_libdir}
 %define _moduledir %{_libdir}/security
@@ -217,6 +218,7 @@ cp %{SOURCE18} .
 %patch64 -p1 -b .pam-faillock-avoid-logging-erroneous
 %patch65 -p1 -b .pam-misc-configurable
 %patch66 -p1 -b .unix-enable-bcrypt
+%patch67 -p1 -b .unix-default-rounds
 
 autoreconf -i
 
@@ -470,6 +472,9 @@ done
 %doc doc/specs/rfc86.0.txt
 
 %changelog
+* Thu Nov  2 2023 Iker Pedrosa <ipedrosa@redhat.com> - 1.3.1-29
+- pam_unix: set default number of rounds. Resolves: RHEL-5057
+
 * Mon Oct 30 2023 Iker Pedrosa <ipedrosa@redhat.com> - 1.3.1-28
 - pam_unix: enable bcrypt. Resolves: RHEL-5057