diff --git a/ppp-CVE-2015-3310.patch b/ppp-CVE-2015-3310.patch
new file mode 100644
index 0000000..b1a0e84
--- /dev/null
+++ b/ppp-CVE-2015-3310.patch
@@ -0,0 +1,11 @@
+--- a/pppd/plugins/radius/util.c
++++ b/pppd/plugins/radius/util.c
+@@ -77,7 +77,7 @@ rc_mksid (void)
+ static unsigned short int cnt = 0;
+ sprintf (buf, "%08lX%04X%02hX",
+ (unsigned long int) time (NULL),
+- (unsigned int) getpid (),
++ (unsigned int) getpid () % 65535,
+ cnt & 0xFF);
+ cnt++;
+ return buf;
diff --git a/ppp.spec b/ppp.spec
index 6e347b1..6824258 100644
--- a/ppp.spec
+++ b/ppp.spec
@@ -1,6 +1,6 @@
 Name: ppp
 Version: 2.4.7
-Release: 27
+Release: 28
 Summary: The Point-to-Point Protocol
 License: BSD and LGPLv2+ and GPLv2+ and Public Domain
@@ -58,6 +58,7 @@ Patch0028: 0028-pppoe-include-netinet-in.h-before-linux-in.h.patch
 Patch0029: ppp-2.4.7-DES-openssl.patch
 Patch0030: ppp-2.4.7-honor-ldflags.patch
+Patch6000: ppp-CVE-2015-3310.patch
 %description
 The Point-to-Point Protocol (PPP) provides a standard way to establish
@@ -150,5 +151,12 @@ install -m 644 -p %{SOURCE12} %{buildroot}%{_prefix}/lib/tmpfiles.d/ppp.conf
 %{_mandir}/man8/*.8.gz
 %changelog
+* Fri Dec 20 2019 openEuler Buildteam - 2.4.7-28
+- Type:cves
+- ID:CVE-2015-3310
+- SUG:restart
+- DESC:fix CVE-2015-3310
+
 * Sun Sep 15 2019 openEuler Buildteam - 2.4.7-27
 - Package Init
+
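Review bot: The embedded patch for pppd/plugins/radius/util.c bounds only the PID argument; the `sprintf` in rc_mksid is still unbounded, and `%08lX` sets a minimum width rather than a maximum, so where `unsigned long` is 64 bits a `time (NULL)` result of -1 or any value above 0xFFFFFFFF would print more than eight hex digits. The declaration of `buf` is outside the hunk, so this assumes it is sized for exactly 8+4+2 digits plus the terminator. Bounding the write itself would cover every argument at once: `snprintf (buf, sizeof buf, "%08lX%04X%02hX",` with `(unsigned long int) time (NULL) & 0xFFFFFFFFUL,` as the first argument, which is valid only if `buf` is an array rather than a pointer. Separately, `% 65535` maps PID 65535 to 0, whereas `& 0xFFFF` keeps the low 16 bits without that extra collision; either form fits `%04X`.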