diff --git a/0005-curl-7.61.1-CVE-2018-16840.patch b/0005-curl-7.61.1-CVE-2018-16840.patch
new file mode 100644
index 0000000..de546c0
--- /dev/null
+++ b/0005-curl-7.61.1-CVE-2018-16840.patch
@@ -0,0 +1,39 @@
+From 235f209a0e62edee654be441a50bb0c154edeaa5 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Thu, 18 Oct 2018 15:07:15 +0200
+Subject: [PATCH] Curl_close: clear data->multi_easy on free to avoid
+ use-after-free
+
+Regression from b46cfbc068 (7.59.0)
+CVE-2018-16840
+Reported-by: Brian Carpenter (Geeknik Labs)
+
+Bug: https://curl.haxx.se/docs/CVE-2018-16840.html
+
+Upstream-commit: 81d135d67155c5295b1033679c606165d4e28f3f
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ lib/url.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index f159008..dcc1ecc 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -319,10 +319,12 @@ CURLcode Curl_close(struct Curl_easy *data)
+        and detach this handle from there. */
+     curl_multi_remove_handle(data->multi, data);
+ 
+-  if(data->multi_easy)
++  if(data->multi_easy) {
+     /* when curl_easy_perform() is used, it creates its own multi handle to
+        use and this is the one */
+     curl_multi_cleanup(data->multi_easy);
++    data->multi_easy = NULL;
++  }
+ 
+   /* Destroy the timeout list that is held in the easy handle. It is
+      /normally/ done by curl_multi_remove_handle() but this is "just in
+-- 
+2.17.2
+
diff --git a/curl.spec b/curl.spec
index 300941f..b13da7b 100644
--- a/curl.spec
+++ b/curl.spec
@@ -19,6 +19,9 @@ Patch4:   0004-curl-7.61.1-CVE-2018-16842.patch
 # we need `git apply` to apply this patch
 BuildRequires: git
 
+# fix use-after-free in handle close (CVE-2018-16840)
+Patch5:   0005-curl-7.61.1-CVE-2018-16840.patch
+
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
 
@@ -181,6 +184,7 @@ be installed.
 %patch2 -p1
 %patch3 -p1
 git apply %{PATCH4}
+%patch5 -p1
 
 # Fedora patches
 %patch101 -p1
@@ -348,6 +352,7 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 
 %changelog
 * Thu Nov 01 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.1-4
+- fix use-after-free in handle close (CVE-2018-16840)
 - fix bad arethmetic when outputting warnings to stderr (CVE-2018-16842)
 
 * Thu Oct 11 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.1-3