diff --git a/CVE-2021-3560.patch b/CVE-2021-3560.patch
new file mode 100644
index 0000000..e5b2b85
--- /dev/null
+++ b/CVE-2021-3560.patch
@@ -0,0 +1,13 @@
+--- a/src/polkit/polkitsystembusname.c
++++ b/src/polkit/polkitsystembusname.c
+@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName           *system_bus
+   while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
+     g_main_context_iteration (tmp_context, TRUE);
+ 
++  if (data.caught_error)
++    goto out;
++
+   if (out_uid)
+     *out_uid = data.uid;
+   if (out_pid)
+
diff --git a/polkit.spec b/polkit.spec
index 16d252a..c89dd0b 100644
--- a/polkit.spec
+++ b/polkit.spec
@@ -6,13 +6,16 @@
 Summary: An authorization framework
 Name: polkit
 Version: 0.118
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: LGPLv2+
 URL: http://www.freedesktop.org/wiki/Software/polkit
 Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
 Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
 
 
+Patch1: CVE-2021-3560.patch
+
+
 BuildRequires: gcc-c++
 BuildRequires: glib2-devel >= 2.30.0
 BuildRequires: expat-devel
@@ -175,6 +178,10 @@ exit 0
 %{_libdir}/girepository-1.0/*.typelib
 
 %changelog
+* Thu May 20 2021 Jan Rybar <jrybar@redhat.com> - 0.118-2
+- CVE-2021-3560 mitigation
+- Resolves: CVE-2021-3560
+
 * Mon Apr 26 2021 Jan Rybar <jrybar@redhat.com> - 0.118-1
 - rebase to 0.118