diff --git a/pkgs/development/libraries/openldap/default.nix b/pkgs/development/libraries/openldap/default.nix
index 7f9c2dbf3ee..1304799f56c 100644
--- a/pkgs/development/libraries/openldap/default.nix
+++ b/pkgs/development/libraries/openldap/default.nix
@@ -8,6 +8,16 @@ stdenv.mkDerivation rec {
     sha256 = "0qmy2jkk6v9iqwrsdsn8s7lwzaplr01a2mgf21r6nl66lig7g47l";
   };
 
+  patches = [
+    (fetchurl {
+      # Fix a null-ptr dereference for unauthenticated packet in slapd
+      # NO CVE yet
+      # https://bugs.openldap.org/show_bug.cgi?id=9370
+      url = "https://git.openldap.org/openldap/openldap/-/commit/4c774220a752bf8e3284984890dc0931fe73165d.patch";
+      sha256 = "1vkbb6szscnhch5zzf6iq104l3dkwd50rih8jk9y0s2vgyz76mil";
+    })
+  ];
+
   # TODO: separate "out" and "bin"
   outputs = [ "out" "dev" "man" "devdoc" ];