diff --git a/CVE-2018-15518.patch b/CVE-2018-15518.patch
new file mode 100644
index 0000000..409731d
--- /dev/null
+++ b/CVE-2018-15518.patch
@@ -0,0 +1,31 @@
+From 6256729a6da532079505edfe4c56a6ef29cd8ab8 Mon Sep 17 00:00:00 2001
+From: Allan Sandfeld Jensen
+Date: Mon, 13 Aug 2018 15:29:16 +0200
+Subject: [PATCH] Fix possible heap corruption in QXmlStream
+
+The value of 'tos' at the check might already be on the last element,
+so triggering stack expansion on the second last element is too late.
+
+Change-Id: Ib3ab2662d4d27a71effe9e988b9e172923af2908
+Reviewed-by: Richard J. Moore
+Reviewed-by: Thiago Macieira
+---
+ src/corelib/serialization/qxmlstream_p.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/corelib/serialization/qxmlstream_p.h b/src/corelib/serialization/qxmlstream_p.h
+index 4157fbbd0e0..f8b1ede9439 100644
+--- a/src/corelib/serialization/qxmlstream_p.h
++++ b/src/corelib/serialization/qxmlstream_p.h
+@@ -1250,7 +1250,7 @@ bool QXmlStreamReaderPrivate::parse()
+ state_stack[tos] = 0;
+ return true;
+ } else if (act > 0) {
+- if (++tos == stack_size-1)
++ if (++tos >= stack_size-1)
+ reallocateStack();
+
+ Value &val = sym_stack[tos];
+--
+2.16.3
+
diff --git a/qt5-qtbase.spec b/qt5-qtbase.spec
index de6237c..9435a75 100644
--- a/qt5-qtbase.spec
+++ b/qt5-qtbase.spec
@@ -13,7 +13,7 @@
 Name: qt5-qtbase
 Summary: Core component of Qt toolkit
 Version: 5.11.1
-Release: 8
+Release: 9
 License: LGPLv2 with exceptions or GPLv3 with exceptions
 Url: http://qt-project.org/
 Source0: https://download.qt.io/official_releases/qt/5.11/%{version}/submodules/qtbase-everywhere-src-%{version}.tar.xz
@@ -34,6 +34,8 @@
 Patch0009: qt5-qtbase-5.9.1-firebird.patch
 Patch0010: qtbase-everywhere-src-5.11.1-python3.patch
 Patch0011: qt5-qtbase-glibc.patch
+Patch6000: CVE-2018-15518.patch
+
 BuildRequires: pkgconfig(libsystemd) cups-devel desktop-file-utils findutils
 BuildRequires: libjpeg-devel libmng-devel libtiff-devel pkgconfig(alsa)
 BuildRequires: pkgconfig(atspi-2) pkgconfig(dbus-1) pkgconfig(libdrm)
@@ -399,5 +401,12 @@
 fi
 
 %changelog
+* Wed Dec 25 2019 fengbing - 5.11.1-9
+- Type:cves
+- ID:CVE-2018-15518
+- SUG:restart
+- DESC: fix CVE-2018-15518
+
+
 * Thu Nov 07 2019 yanzhihua - 5.11.1-8
 - Package init
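Review bot: Patch6000 is only declared in this hunk; whether it is actually applied depends on the %prep section, which is outside this diff. If the spec applies patches with numbered %patch macros rather than %autosetup or %autopatch, a matching `%patch6000 -p1` line is needed (the embedded patch uses a/ b/ path prefixes), otherwise the CVE-2018-15518 fix never reaches the build while the changelog entry in the next hunk claims it is fixed. Confirming in the build log that the patch is applied to src/corelib/serialization/qxmlstream_p.h would close that gap.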