diff --git a/pkgs/servers/frr/default.nix b/pkgs/servers/frr/default.nix
index 0ca256f1cbdd..d588fee00483 100644
--- a/pkgs/servers/frr/default.nix
+++ b/pkgs/servers/frr/default.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchFromGitHub
+, fetchpatch
 
 # build time
 , autoreconfHook
@@ -94,6 +95,15 @@ stdenv.mkDerivation rec {
     hash = "sha256-oDPr51vI+tlT1IiUPufmZh/UE0TNKWrn4RqpnGoGxNo=";
   };
 
+  patches = [
+    # fixes crash in OSPF TE parsing
+    (fetchpatch {
+      name = "CVE-2024-27913.patch";
+      url = "https://github.com/FRRouting/frr/commit/541503eecd302d2cc8456167d130014cd2cf1134.patch";
+      hash = "sha256-7NxPlQK/6lbLs/NqNi4OZ2uBWfXw99SiXDR6okNvJlg=";
+    })
+  ];
+
   nativeBuildInputs = [
     autoreconfHook
     bison