diff --git a/recipes-security/refpolicy/refpolicy/0061-libvirt_leasesh-Added-read-and-search-permission-on-.patch b/recipes-security/refpolicy/refpolicy/0061-libvirt_leasesh-Added-read-and-search-permission-on-.patch
new file mode 100644
index 0000000..0aaf5be
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy/0061-libvirt_leasesh-Added-read-and-search-permission-on-.patch
@@ -0,0 +1,39 @@
+From c6007734e59828abcbb5c03e09dbe2facff07b4d Mon Sep 17 00:00:00 2001
+From: Gargi Misra <quic_gmisra@quicinc.com>
+Date: Wed, 27 May 2026 13:51:58 +0530
+Subject: [PATCH] libvirt_leasesh: Added read and search permission on kernel
+ sysctls avc:  denied  { search } for  pid=1393 comm="libvirt_leasesh"
+ name="kernel" dev="proc" ino=3693
+ scontext=system_u:system_r:virt_leaseshelper_t:s0
+ tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir permissive=0 avc: 
+ denied  { read } for  pid=1363 comm="libvirt_leasesh" name="cap_last_cap"
+ dev="proc" ino=13638 scontext=system_u:system_r:virt_leaseshelper_t:s0
+ tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file permissive=0 avc: 
+ denied  { open } for  pid=1359 comm="libvirt_leasesh"
+ path="/proc/sys/kernel/cap_last_cap" dev="proc" ino=2909
+ scontext=system_u:system_r:virt_leaseshelper_t:s0
+ tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file permissive=0 avc: 
+ denied  { getattr } for  pid=1375 comm="libvirt_leasesh" name="/" dev="proc"
+ ino=1 scontext=system_u:system_r:virt_leaseshelper_t:s0
+ tcontext=system_u:object_r:proc_t:s0 tclass=filesystem permissive=0
+
+Signed-off-by: Gargi Misra <gmisra@qti.qualcomm.com>
+---
+ policy/modules/services/virt.te | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te
+index 2241a22b5..0f6dc341e 100644
+--- a/policy/modules/services/virt.te
++++ b/policy/modules/services/virt.te
+@@ -1161,6 +1161,7 @@ manage_files_pattern(virt_leaseshelper_t, virt_runtime_t, virt_runtime_t)
+ files_runtime_filetrans(virt_leaseshelper_t, virt_runtime_t, file)
+ 
+ kernel_dontaudit_read_system_state(virt_leaseshelper_t)
++kernel_read_kernel_sysctls(virt_leaseshelper_t)
+ 
+ # Read /sys/devices/system/node/node*/meminfo
+ dev_list_sysfs(virt_leaseshelper_t)
+-- 
+2.43.0
+
diff --git a/recipes-security/refpolicy/refpolicy_common.inc b/recipes-security/refpolicy/refpolicy_common.inc
index 2a2cc78..23aadf6 100644
--- a/recipes-security/refpolicy/refpolicy_common.inc
+++ b/recipes-security/refpolicy/refpolicy_common.inc
@@ -76,6 +76,7 @@ SRC_URI += " \
         file://0058-policy-modules-system-logging-make-syslogd_runtime_t.patch \
         file://0059-refpolicy-Addressing-denial-seen-on-alsa.patch \
         file://0060-systemd-coredum-Added-sepolicy-permission-to-read-na.patch \
+        file://0061-libvirt_leasesh-Added-read-and-search-permission-on-.patch \
         "
 
 S = "${UNPACKDIR}/refpolicy"