diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix
index 7dee8f3d296..62ceb2dfb9b 100644
--- a/pkgs/applications/networking/browsers/chromium/default.nix
+++ b/pkgs/applications/networking/browsers/chromium/default.nix
@@ -82,7 +82,10 @@ let
 
   seccompPatch = let
     pre22 = versionOlder sourceInfo.version "22.0.0.0";
-  in if pre22 then ./enable_seccomp.patch else ./enable_seccomp22.patch;
+    pre23 = versionOlder sourceInfo.version "23.0.0.0";
+  in if pre22 then ./enable_seccomp.patch
+     else if pre23 then ./enable_seccomp22.patch
+     else ./enable_seccomp23.patch;
 
 in stdenv.mkDerivation rec {
   name = "${packageName}-${version}";
diff --git a/pkgs/applications/networking/browsers/chromium/enable_seccomp23.patch b/pkgs/applications/networking/browsers/chromium/enable_seccomp23.patch
new file mode 100644
index 00000000000..bde476adbfd
--- /dev/null
+++ b/pkgs/applications/networking/browsers/chromium/enable_seccomp23.patch
@@ -0,0 +1,18 @@
+diff --git a/content/common/sandbox_linux.cc b/content/common/sandbox_linux.cc
+index ad73fe6..ee3e6e6 100644
+--- a/content/common/sandbox_linux.cc
++++ b/content/common/sandbox_linux.cc
+@@ -42,13 +42,8 @@ bool IsSeccompLegacyDesired() {
+     return false;
+   }
+ #if defined(SECCOMP_SANDBOX)
+-#if defined(NDEBUG)
+-  // Off by default. Allow turning on with a switch.
+-  return command_line->HasSwitch(switches::kEnableSeccompSandbox);
+-#else
+   // On by default. Allow turning off with a switch.
+   return !command_line->HasSwitch(switches::kDisableSeccompSandbox);
+-#endif  // NDEBUG
+ #endif  // SECCOMP_SANDBOX
+   return false;
+ }