diff --git a/CVE-2022-48571.patch b/CVE-2022-48571.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8bdf44d54afeea678440981aa9e30ca223091f6d
--- /dev/null
+++ b/CVE-2022-48571.patch
@@ -0,0 +1,35 @@
+From 8b9a6de384a5222f62df50fe6e21206e40f5fbf4 Mon Sep 17 00:00:00 2001
+From: starlet-dx <15929766099@163.com>
+Date: Mon, 4 Sep 2023 09:58:04 +0800
+Subject: [PATCH 1/1] udp: crash fix when receiving multi-packet uploads
+
+multi-packet sets aren't supported in UDP. It was trying to write an
+error message in response, but no mc_resp object was initialized at the
+time, leading to a null reference crash.
+
+Instead drop the packet quietly since that's a pretty fatal bug anyway
+and keeps the parser simplified.
+
+For credits see accompanying release notes.
+
+Origin:
+https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966
+---
+ memcached.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/memcached.c b/memcached.c
+index 21e1ca1..5e5d48b 100644
+--- a/memcached.c
++++ b/memcached.c
+@@ -5119,7 +5119,6 @@ static enum try_read_result try_read_udp(conn *c) {
+ 
+         /* If this is a multi-packet request, drop it. */
+         if (buf[4] != 0 || buf[5] != 1) {
+-            out_string(c, "SERVER_ERROR multi-packet request not supported");
+             return READ_NO_DATA_RECEIVED;
+         }
+ 
+-- 
+2.30.0
+
diff --git a/memcached.spec b/memcached.spec
index a53cf24bfa195496c00a12ead61403d15c3701dd..a3871a4cf1b05dbf008cd851cd2a96d974dd3f2c 100644
--- a/memcached.spec
+++ b/memcached.spec
@@ -3,7 +3,7 @@
 
 Name:          memcached
 Version:       1.5.10
-Release:       6
+Release:       7
 Epoch:         0
 Summary:       A high-performance, distributed memory object caching system
 License:       BSD
@@ -15,6 +15,7 @@ Source2:       memcached.sysconfig
 Patch0001:     memcached-unit.patch
 Patch6000:     CVE-2019-11596.patch
 Patch6001:     CVE-2019-15026.patch
+Patch6002:     CVE-2022-48571.patch
 
 BuildRequires: systemd perl-generators perl(Test::More) perl(Test::Harness)
 BuildRequires: selinux-policy-devel libevent-devel
@@ -135,6 +136,9 @@ fi
 %{_mandir}/man1/memcached.1*
 
 %changelog
+* Mon Sep 04 2023 yaoxin <yao_xin001@hoperun.com> - 0:1.5.10-7
+- Fix CVE-2022-48571
+
 * Thu Jan 07 2021 wangyue<wangyue92@huawei.com> - 0:1.5.10-6
 - fix CVE-2019-15026