diff --git a/libselinux-set-free-d-data-to-NULL.patch b/libselinux-set-free-d-data-to-NULL.patch
new file mode 100644
index 0000000..8c08500
--- /dev/null
+++ b/libselinux-set-free-d-data-to-NULL.patch
@@ -0,0 +1,48 @@
+Index: libselinux-3.7/src/label_backends_android.c
+===================================================================
+--- libselinux-3.7.orig/src/label_backends_android.c
++++ libselinux-3.7/src/label_backends_android.c
+@@ -260,6 +260,7 @@ static void closef(struct selabel_handle
+ 		free(data->spec_arr);
+ 
+ 	free(data);
++	rec->data = NULL;
+ }
+ 
+ static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec,
+Index: libselinux-3.7/src/label_file.c
+===================================================================
+--- libselinux-3.7.orig/src/label_file.c
++++ libselinux-3.7/src/label_file.c
+@@ -942,6 +942,7 @@ static void closef(struct selabel_handle
+ 		free(last_area);
+ 	}
+ 	free(data);
++	rec->data = NULL;
+ }
+ 
+ // Finds all the matches of |key| in the given context. Returns the result in
+Index: libselinux-3.7/src/label_media.c
+===================================================================
+--- libselinux-3.7.orig/src/label_media.c
++++ libselinux-3.7/src/label_media.c
+@@ -183,6 +183,7 @@ static void close(struct selabel_handle
+ 	    free(spec_arr);
+ 
+ 	free(data);
++	rec->data = NULL;
+ }
+ 
+ static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
+Index: libselinux-3.7/src/label_x.c
+===================================================================
+--- libselinux-3.7.orig/src/label_x.c
++++ libselinux-3.7/src/label_x.c
+@@ -210,6 +210,7 @@ static void close(struct selabel_handle
+ 	    free(spec_arr);
+ 
+ 	free(data);
++	rec->data = NULL;
+ }
+ 
+ static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
diff --git a/libselinux.changes b/libselinux.changes
index 1c0f41b..f1de0c5 100644
--- a/libselinux.changes
+++ b/libselinux.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Jul 11 19:47:41 UTC 2024 - Cathy Hu <cathy.hu@suse.com>
+
+- Fix segfault caused by upstream changes in selabel_open():
+  libselinux-set-free-d-data-to-NULL.patch 
+  Can be removed once it is upstream.
+
 -------------------------------------------------------------------
 Mon Jul  1 07:53:14 UTC 2024 - Cathy Hu <cathy.hu@suse.com>
 
diff --git a/libselinux.spec b/libselinux.spec
index 761aa85..2162bd8 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -36,6 +36,9 @@ Patch5:         skip_cycles.patch
 # Make linking working even when default pkg-config doesn’t provide -lpython<ver>
 Patch6:         python3.8-compat.patch
 Patch7:         swig4_moduleimport.patch
+# Fixes segfault in 3.7, please remove once this is upstream:
+# https://lore.kernel.org/selinux/CAP+JOzQCu0srfss921Ew42oHxsaqRYGiTs56_h9j2Yfw0cYGjg@mail.gmail.com/T/#t
+Patch8:         libselinux-set-free-d-data-to-NULL.patch
 BuildRequires:  fdupes
 BuildRequires:  libsepol-devel >= %{libsepol_ver}
 BuildRequires:  libsepol-devel-static >= %{libsepol_ver}