diff --git a/changelogs/unreleased/gh-7818-msgpack-0xc1-fix.md b/changelogs/unreleased/gh-7818-msgpack-0xc1-fix.md
new file mode 100644
index 0000000000000000000000000000000000000000..c56740b552cbfd1eac8bba3185a50c7e2d1f2869
--- /dev/null
+++ b/changelogs/unreleased/gh-7818-msgpack-0xc1-fix.md
@@ -0,0 +1,4 @@
+## bugfix/lua
+
+* Fixed a crash in `msgpack.decode` in case the input string contains invalid
+  MsgPack header `0xc1` (gh-7818).
diff --git a/src/lib/msgpuck b/src/lib/msgpuck
index 0c6680a300e31714f475a7f90c2d95a02d001d80..0faa69988e232df03c0dd2dd04d57fdcea8e38f8 160000
--- a/src/lib/msgpuck
+++ b/src/lib/msgpuck
@@ -1 +1 @@
-Subproject commit 0c6680a300e31714f475a7f90c2d95a02d001d80
+Subproject commit 0faa69988e232df03c0dd2dd04d57fdcea8e38f8
diff --git a/test/app-luatest/msgpack_test.lua b/test/app-luatest/msgpack_test.lua
index 814456d91638f90470978f24744404c30ba3c285..5b43c33233c70fc2edadf14720037f10302a8e0d 100644
--- a/test/app-luatest/msgpack_test.lua
+++ b/test/app-luatest/msgpack_test.lua
@@ -122,19 +122,24 @@ g.test_encode_decode_buffer = function()
 end
 
 g.test_invalid_msgpack = function()
+    local err = "msgpack.decode: invalid MsgPack"
+
     -- Invalid msgpack.
     local first_buffer = {1, 2, 3}
     local s = msgpack.encode(first_buffer)
     s = s:sub(1, -2)
-    t.assert_error_msg_content_equals(
-        "msgpack.decode: invalid MsgPack",
-        function() msgpack.decode(s) end)
+    t.assert_error_msg_content_equals(err, msgpack.decode, s)
 
     local buf = buffer.ibuf()
     t.assert_equals(msgpack.encode(first_buffer, buf), 4)
-    t.assert_error_msg_content_equals(
-        "msgpack.decode: invalid MsgPack",
-        function() msgpack.decode(buf.rpos, buf:size() - 1) end)
+    t.assert_error_msg_content_equals(err, msgpack.decode,
+                                      buf.rpos, buf:size() - 1)
+
+    -- 0xc1 cannot be used in a valid MsgPack.
+    t.assert_error_msg_content_equals(err, msgpack.decode, '\xc1')
+    t.assert_error_msg_content_equals(err, msgpack.decode, '\x91\xc1')
+    t.assert_error_msg_content_equals(err, msgpack.decode, '\x81\xff\xc1')
+    t.assert_error_msg_content_equals(err, msgpack.decode, '\x93\xff\xc1\xff')
 end
 
 g.test_encode_decode_struct_buffer = function()
diff --git a/test/unit/msgpack.result b/test/unit/msgpack.result
index 43f27f2cda046ee7d469aab98d8e0db7f7c5d801..b7ad3400e3cc6b8b49e791fe6a5d0e1d3c5a8edd 100644
--- a/test/unit/msgpack.result
+++ b/test/unit/msgpack.result
@@ -2112,7 +2112,7 @@ ok 19 - subtests
     ok 5 - str is correct
     # *** test_mp_print_ext: done ***
 ok 20 - subtests
-    1..65
+    1..69
     # *** test_mp_check ***
     ok 1 - invalid fixmap 1
     ok 2 - invalid fixmap 2
@@ -2179,6 +2179,10 @@ ok 20 - subtests
     ok 63 - invalid map32 1
     ok 64 - invalid map32 2
     ok 65 - invalid map32 3
+    ok 66 - invalid header 1
+    ok 67 - invalid header 2
+    ok 68 - invalid header 3
+    ok 69 - invalid header 4
     # *** test_mp_check: done ***
 ok 21 - subtests
     1..24