diff --git a/debian/patches/series b/debian/patches/series
index 23df4fe26..80e29cefc 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -32,6 +32,7 @@ sipwise/sca-debug.patch
 sipwise/sca-fix-notify-after-bye.patch
 sipwise/sca-add-pai_avp-parameter.patch
 ## upstream 5.6
+upstream/core_tcp_read_check_for_first_msrp_line.patch
 #
 ## upstream master
 upstream/dialog-dlg_get_var-ci-ft-tt-key-dst_var.patch
diff --git a/debian/patches/upstream/core_tcp_read_check_for_first_msrp_line.patch b/debian/patches/upstream/core_tcp_read_check_for_first_msrp_line.patch
new file mode 100644
index 000000000..aaafa46f5
--- /dev/null
+++ b/debian/patches/upstream/core_tcp_read_check_for_first_msrp_line.patch
@@ -0,0 +1,35 @@
+--- a/src/core/tcp_read.c
++++ b/src/core/tcp_read.c
+@@ -1002,11 +1002,31 @@ int tcp_read_headers(struct tcp_connecti
+ /* locate transaction id in first line
+ * -- first line exists, that's why we are here */
+ mfline = q_memchr(r->start, '\n', r->pos-r->start);
++ if(mfline == NULL || mfline - r->start < 8) {
++ r->error = TCP_READ_ERROR;
++ r->state = H_SKIP; /* skip now */
++ goto skip;
++ }
+ mtransid.s = q_memchr(r->start + 5 /* 'MSRP ' */, ' ',
+- mfline - r->start);
++ mfline - r->start - 5);
++ if(mtransid.s == NULL) {
++ r->error = TCP_READ_ERROR;
++ r->state = H_SKIP; /* skip now */
++ goto skip;
++ }
+ mtransid.len = mtransid.s - r->start - 5;
++ if(mtransid.len <= 0) {
++ r->error = TCP_READ_ERROR;
++ r->state = H_SKIP; /* skip now */
++ goto skip;
++ }
+ mtransid.s = r->start + 5;
+ trim(&mtransid);
++ if(mtransid.len <= 0) {
++ r->error = TCP_READ_ERROR;
++ r->state = H_SKIP; /* skip now */
++ goto skip;
++ }
+ if(memcmp(mtransid.s,
+ p - 1 /*\r*/ - 1 /* '+'|'#'|'$' */ - mtransid.len,
+ mtransid.len)!=0) {
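Review bot: The new patch file begins directly at `--- a/src/core/tcp_read.c` with no provenance header, so this hardening of the parser for network-supplied MSRP first lines cannot be traced back to the upstream change it was taken from; add DEP-3 fields above the diff, e.g. `Description: <one-line summary>` and `Origin: upstream, <upstream commit URL>`. Inside the embedded hunk the bound in `if(mfline == NULL || mfline - r->start < 8)` is unexplained, unlike the `5 /* 'MSRP ' */` offset beside it; a short comment stating which minimal first line the 8 stands for would let a reader check it. The same three-line error block is repeated in all four guards, which is easy to let drift apart; whether a shared label is feasible depends on the rest of tcp_read_headers, which lies outside the hunk.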