diff --git a/OpenIPMI.spec b/OpenIPMI.spec
index 06e54e74144da163287a5c77d02365654e589830..57d9c2c5ef3c86e4b96eca221b7162f7d78de10a 100644
--- a/OpenIPMI.spec
+++ b/OpenIPMI.spec
@@ -1,6 +1,6 @@
 Name:       OpenIPMI
 Version:    2.0.32
-Release:    3
+Release:    4
 Summary:    IPMI (Intelligent Platform Management Interface) library and tools
 License:    LGPLv2+ and GPLv2+ or BSD
 URL:        https://sourceforge.net/projects/openipmi/
@@ -11,6 +11,9 @@ Source3:    openipmi-helper
 
 Patch0:     0001-man.patch
 Patch1:     backport-fix-coredump-when-use-ipmi_ui.patch
+Patch2:     backport-0001-CVE-2024-42934.patch
+Patch3:     backport-0002-CVE-2024-42934.patch
+Patch4:     backport-0003-CVE-2024-42934.patch
 
 BuildRequires:    gdbm-devel swig glib2-devel net-snmp-devel ncurses-devel
 BuildRequires:    openssl-devel python3-devel perl-devel perl-generators
@@ -148,6 +151,12 @@ make check
 %exclude %{_mandir}/man1/openipmigui.1
 
 %changelog
+* Fri Oct 11 2024 yanglu <yanglu72@h-partners.com> - 2.0.32-4
+- Type:CVE
+- CVE:CVE-2024-42934
+- SUG:NA
+- DESC:fix CVE-2024-42934
+
 * Tue Nov 21 2023 yanglu <yanglu72@h-partners.com> - 2.0.32-3
 - Type:enhancement
 - CVE:NA
diff --git a/backport-0001-CVE-2024-42934.patch b/backport-0001-CVE-2024-42934.patch
new file mode 100644
index 0000000000000000000000000000000000000000..075f0f173f5bd23b19731d1df85b039f81237c93
--- /dev/null
+++ b/backport-0001-CVE-2024-42934.patch
@@ -0,0 +1,46 @@
+From b52e8e2538b2b48ef6b63bff12b5cc9e2d52eff1 Mon Sep 17 00:00:00 2001
+From: Corey Minyard <minyard@acm.org>
+Date: Mon, 29 Apr 2024 12:46:23 -0500
+Subject: [PATCH] lanserv: Check some bounds on incoming messages
+ 
+Signed-off-by: Corey Minyard <minyard@acm.org>
+ 
+Reference:https://sourceforge.net/p/openipmi/code/ci/b52e8e2538b2b48ef6b63bff12b5cc9e2d52eff1/
+Conflict:NA
+ 
+---
+ lanserv/lanserv_ipmi.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
+index ccd6001..0ee6451 100644
+--- a/lanserv/lanserv_ipmi.c
++++ b/lanserv/lanserv_ipmi.c
+@@ -882,6 +882,12 @@ handle_temp_session(lanserv_data_t *lan, msg_t *msg)
+     }
+ 
+     auth = msg->data[0] & 0xf;
++    if (auth >= MAX_IPMI_AUTHS) {
++       lan->sysinfo->log(lan->sysinfo, NEW_SESSION_FAILED, msg,
++                "Activate session failed: Invalid auth: 0x%x", auth);
++       return;
++    }
++
+     user = &(lan->users[user_idx]);
+     if (! (user->valid)) {
+ 	lan->sysinfo->log(lan->sysinfo, NEW_SESSION_FAILED, msg,
+@@ -3034,6 +3040,11 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
+     }
+ 
+     msg.authtype = data[4];
++    if (msg.authtype >= MAX_IPMI_AUTHS) {
++       lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
++                "LAN msg failure: Invalid authtype");
++       return;
++    }
+     msg.data = data+5;
+     msg.len = len - 5;
+     msg.channel = lan->channel.channel_num;
+-- 
+2.43.0
+
diff --git a/backport-0002-CVE-2024-42934.patch b/backport-0002-CVE-2024-42934.patch
new file mode 100644
index 0000000000000000000000000000000000000000..3a43e58a2a8f6f507071262c0b94f30d7bdf4a31
--- /dev/null
+++ b/backport-0002-CVE-2024-42934.patch
@@ -0,0 +1,71 @@
+From 663e3cd3b6d1d9fc82267c7d7474320cb67e03a4 Mon Sep 17 00:00:00 2001
+From: Corey Minyard <minyard@acm.org>
+Date: Sun, 2 Jun 2024 14:11:16 -0500
+Subject: [PATCH] lanserv: Fix an issue logging an error on a message
+ 
+A message structure was passed to the log, but it was not sufficiently
+initialized and the logging program crashed.  Rework the initialization
+to make the message data ready and legal for the logging calls.
+ 
+Found-by: Fabio Massimo Di Nitto
+Signed-off-by: Corey Minyard <minyard@acm.org>
+ 
+Reference:https://sourceforge.net/p/openipmi/code/ci/663e3cd3b6d1d9fc82267c7d7474320cb67e03a4/
+Conflict:NA
+
+---
+ lanserv/lanserv_ipmi.c | 20 ++++++++++++++++----
+ 1 file changed, 16 insertions(+), 4 deletions(-)
+
+diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
+index 0ee6451..1ef5710 100644
+--- a/lanserv/lanserv_ipmi.c
++++ b/lanserv/lanserv_ipmi.c
+@@ -3022,17 +3022,33 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
+ {
+     msg_t   msg;
+ 
++    memset(&msg, 0, sizeof(msg));
++
+     msg.src_addr = from_addr;
+     msg.src_len = from_len;
+ 
+     msg.oem_data = 0;
+ 
++    msg.channel = lan->channel.channel_num;
++    msg.orig_channel = &lan->channel;
++
++    /*
++     * Initialize the data so the log won't crash if it gets called, and
++     * so the log might have useful info.
++     */
++    msg.data = data;
++    msg.len = len;
++
+     if (len < 5) {
+ 	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
+ 		 "LAN msg failure: message too short");
+ 	return;
+     }
+ 
++    /* Length is at least marginally correct, skip the first part now. */
++    msg.data = data + 5;
++    msg.len = len - 5;
++
+     if (data[2] != 0xff) {
+ 	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
+ 		 "LAN msg failure: seq not ff");
+@@ -3045,10 +3061,6 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
+                 "LAN msg failure: Invalid authtype");
+        return;
+     }
+-    msg.data = data+5;
+-    msg.len = len - 5;
+-    msg.channel = lan->channel.channel_num;
+-    msg.orig_channel = &lan->channel;
+ 
+     if (msg.authtype == IPMI_AUTHTYPE_RMCP_PLUS) {
+ 	ipmi_handle_rmcpp_msg(lan, &msg);
+-- 
+2.43.0
+
diff --git a/backport-0003-CVE-2024-42934.patch b/backport-0003-CVE-2024-42934.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8c512e6665226498ae4cbb605acb67ff70c3c4aa
--- /dev/null
+++ b/backport-0003-CVE-2024-42934.patch
@@ -0,0 +1,50 @@
+From 4c129d0540f3578ecc078d8612bbf84b6cd24c87 Mon Sep 17 00:00:00 2001
+From: Corey Minyard <corey@minyard.net>
+Date: Thu, 1 Aug 2024 10:56:06 -0500
+Subject: [PATCH] lanserv: Fix an issue with authorization range checking
+ 
+A recent change added a range check on authorization type, but it didn't
+take into account the RMCP authorization type that's special.  Add a
+check for that.
+ 
+Fixes: b52e8e2538b2b48ef6b6 "lanserv: Check some bounds on incoming messages"
+ 
+Signed-off-by: Corey Minyard <corey@minyard.net>
+ 
+Reference:https://sourceforge.net/p/openipmi/code/ci/4c129d0540f3578ecc078d8612bbf84b6cd24c87/
+Conflict:NA
+
+---
+ lanserv/lanserv_ipmi.c | 11 ++++-------
+ 1 file changed, 4 insertions(+), 7 deletions(-)
+
+diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
+index 1ef5710..5de396e 100644
+--- a/lanserv/lanserv_ipmi.c
++++ b/lanserv/lanserv_ipmi.c
+@@ -3056,18 +3056,15 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
+     }
+ 
+     msg.authtype = data[4];
+-    if (msg.authtype >= MAX_IPMI_AUTHS) {
+-       lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
+-                "LAN msg failure: Invalid authtype");
+-       return;
+-    }
+-
+     if (msg.authtype == IPMI_AUTHTYPE_RMCP_PLUS) {
+ 	ipmi_handle_rmcpp_msg(lan, &msg);
++    } else if (msg.authtype >= MAX_IPMI_AUTHS) {
++       lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
++                         "LAN msg failure: Invalid authtype: %d", data[4]);
++       return;
+     } else {
+ 	ipmi_handle_rmcp_msg(lan, &msg);
+     }
+-
+ }
+ 
+ static void
+-- 
+2.43.0
+