diff --git a/SOURCES/centos-linux-4.18-xfrm_fix_memleak.patch b/SOURCES/centos-linux-4.18-xfrm_fix_memleak.patch
new file mode 100644
index 0000000..d8b6991
--- /dev/null
+++ b/SOURCES/centos-linux-4.18-xfrm_fix_memleak.patch
@@ -0,0 +1,39 @@
+centosplus patch [RHBZ#1780470]
+centos-linux-4.18-xfrm_fix_memleak.patch
+
+From d32c9130a47f5aa187e3167def2477e13569940d Mon Sep 17 00:00:00 2001
+From: Steffen Klassert <steffen.klassert@secunet.com>
+Date: Wed, 11 Dec 2019 15:15:06 -0800
+Subject: [PATCH] xfrm: Fix memleak on xfrm state destroy
+
+commit 86c6739eda7d2a03f2db30cbee67a5fb81afa8ba upstream.
+
+We leak the page that we use to create skb page fragments
+when destroying the xfrm_state. Fix this by dropping a
+page reference if a page was assigned to the xfrm_state.
+
+Fixes: cac2661c53f3 ("esp4: Avoid skb_cow_data whenever possible")
+Reported-by: JD <jdtxs00@gmail.com>
+Reported-by: Paul Wouters <paul@nohats.ca>
+Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+Applied-by: Akemi Yagi <toracat@centos.org>
+---
+ net/xfrm/xfrm_state.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/net/xfrm/xfrm_state.c
++++ b/net/xfrm/xfrm_state.c
+@@ -456,6 +456,8 @@ static void ___xfrm_state_destroy(struct xfrm_state *x)
+ 		x->type->destructor(x);
+ 		xfrm_put_type(x->type);
+ 	}
++	if (x->xfrag.page)
++		put_page(x->xfrag.page);
+ 	xfrm_dev_state_free(x);
+ 	security_xfrm_state_free(x);
+ 	xfrm_state_free(x);
+-- 
+2.20.1
+
diff --git a/SPECS/kernel-plus.spec b/SPECS/kernel-plus.spec
index 7344069..f7f02e3 100644
--- a/SPECS/kernel-plus.spec
+++ b/SPECS/kernel-plus.spec
@@ -487,6 +487,7 @@ Patch10007: centos-linux-4.18-drivers-drivers-net-e1000.patch-bug16284.patch
 #Patch10008: centos-linux-4.18-drivers-net-e1000e-bug16284.patch
 Patch10009: centos-linux-4.18-megaraid_sas-add-removed-IDs.patch
 Patch10010: centos-linux-4.18-mpt3sas-add-removed-IDs.patch
+Patch10011: centos-linux-4.18-xfrm_fix_memleak.patch
 # end of plus mod
 
 Source9000: centos.pem
@@ -1075,6 +1076,7 @@ ApplyOptionalPatch centos-linux-4.18-drivers-drivers-net-e1000.patch-bug16284.pa
 #ApplyOptionalPatch centos-linux-4.18-drivers-net-e1000e-bug16284.patch
 ApplyOptionalPatch centos-linux-4.18-megaraid_sas-add-removed-IDs.patch
 ApplyOptionalPatch centos-linux-4.18-mpt3sas-add-removed-IDs.patch
+ApplyOptionalPatch centos-linux-4.18-xfrm_fix_memleak.patch
 # end of plus mod
 
 # End of CentOS Modification
@@ -2429,6 +2431,7 @@ fi
 - Apply driver patches imported from ELRepo
 - Add device IDs that have been removed from RHEL 8 kernels (megaraid_sas and mpt3sas)
 - Apply patches for e1000 from kernel.org [bug#16284]
+- Apply patch to fix xfrm memleak [RHBZ#1780470]
 
 * Mon Nov 11 2019 Frantisek Hrbata <fhrbata@redhat.com> [4.18.0-147.0.3.el8_1]
 - [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Dave Airlie) [1756871 1756873] {CVE-2019-0155}