diff --git a/irda-Fix-missing-msg_namelen-update-in-irda_recvmsg_.patch b/irda-Fix-missing-msg_namelen-update-in-irda_recvmsg_.patch
new file mode 100644
index 0000000..074d2b4
--- /dev/null
+++ b/irda-Fix-missing-msg_namelen-update-in-irda_recvmsg_.patch
@@ -0,0 +1,37 @@
+From 5ae94c0d2f0bed41d6718be743985d61b7f5c47d Mon Sep 17 00:00:00 2001
+From: Mathias Krause
+Date: Sun, 7 Apr 2013 01:51:53 +0000
+Subject: [PATCH] irda: Fix missing msg_namelen update in irda_recvmsg_dgram()
+
+The current code does not fill the msg_name member in case it is set.
+It also does not set the msg_namelen member to 0 and therefore makes
+net/socket.c leak the local, uninitialized sockaddr_storage variable
+to userland -- 128 bytes of kernel stack memory.
+
+Fix that by simply setting msg_namelen to 0 as obviously nobody cared
+about irda_recvmsg_dgram() not filling the msg_name in case it was
+set.
+
+Cc: Samuel Ortiz
+Signed-off-by: Mathias Krause
+Signed-off-by: David S. Miller
+---
+ net/irda/af_irda.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c
+index d28e7f0..e493b33 100644
+--- a/net/irda/af_irda.c
++++ b/net/irda/af_irda.c
+@@ -1386,6 +1386,8 @@ static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock,
+
+ IRDA_DEBUG(4, "%s()\n", __func__);
+
++ msg->msg_namelen = 0;
++
+ skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
+ flags & MSG_DONTWAIT, &err);
+ if (!skb)
+--
+1.8.1.4
+
diff --git a/kernel.spec b/kernel.spec
index 8f056ce..d8dbe86 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -832,6 +832,9 @@ Patch25023: llc-Fix-missing-msg_namelen-update-in-llc_ui_recvmsg.patch
 #CVE-2013-3230 956088 956089
 Patch25024: l2tp-fix-info-leak-in-l2tp_ip6_recvmsg.patch
+#CVE-2013-3228 956069 956071
+Patch25025: irda-Fix-missing-msg_namelen-update-in-irda_recvmsg_.patch
+
 # END OF PATCH DEFINITIONS
 %endif
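Review bot: The new `msg->msg_namelen = 0;` in the irda_recvmsg_dgram() hunk of the added patch carries no comment, so a later cleanup could drop it as a redundant assignment and reopen the stack disclosure the commit message describes. I would add a comment above it such as `/* No source address is returned here; zero msg_namelen so the socket layer does not copy its uninitialised sockaddr_storage to userland. */`. Its position before skb_recv_datagram() matters as well, because it presumably also covers the early return under `if (!skb)`, whose body lies outside the hunk along with the rest of the function. The other recvmsg handlers in af_irda.c are not visible here, so it is worth confirming that they set msg_namelen too.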
@@ -1614,6 +1617,9 @@ ApplyPatch llc-Fix-missing-msg_namelen-update-in-llc_ui_recvmsg.patch
 #CVE-2013-3230 956088 956089
 ApplyPatch l2tp-fix-info-leak-in-l2tp_ip6_recvmsg.patch
+#CVE-2013-3228 956069 956071
+ApplyPatch irda-Fix-missing-msg_namelen-update-in-irda_recvmsg_.patch
+
 # END OF PATCH APPLICATIONS
 %endif
@@ -2472,6 +2478,7 @@ fi
 # || ||
 %changelog
 * Wed Apr 24 2013 Josh Boyer
+- CVE-2013-3228 irda: missing msg_namelen update in irda_recvmsg_dgram (rhbz 956069 956071)
 - CVE-2013-3230 l2tp: info leak in l2tp_ip6_recvmsg (rhbz 956088 956089)
 - CVE-2013-3231 llc: Fix missing msg_namelen update in llc_ui_recvmsg (rhbz 956094 956104)
 - CVE-2013-3232 netrom: information leak via msg_name in nr_recvmsg (rhbz 956110 956113)