diff --git a/backport-CVE-2022-38126.patch b/backport-CVE-2022-38126.patch
new file mode 100644
index 0000000000000000000000000000000000000000..21000dab27c1e4801697c77897747afeb7102b3c
--- /dev/null
+++ b/backport-CVE-2022-38126.patch
@@ -0,0 +1,34 @@
+From 753efb93dc018558c483111fbfe14c4ee8c84c51 Mon Sep 17 00:00:00 2001
+From: yinyongkang <yinyongkang@kylinos.cn>
+Date: Thu, 8 Sep 2022 17:14:11 +0800
+Subject: [PATCH] Replace a run-time assertion failure with a warning message
+ when parsing corrupt...
+
+PR 29289
+* dwarf.c (display_debug_names): Replace assert with a warning
+message.
+---
+ binutils/dwarf.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/binutils/dwarf.c b/binutils/dwarf.c
+index 1e7f4db7..7c54820a 100644
+--- a/binutils/dwarf.c
++++ b/binutils/dwarf.c
+@@ -9781,7 +9781,12 @@ display_debug_names (struct dwarf_section *section, void *file)
+       printf (_("Out of %lu items there are %zu bucket clashes"
+ 		" (longest of %zu entries).\n"),
+ 	      (unsigned long) name_count, hash_clash_count, longest_clash);
+-      assert (name_count == buckets_filled + hash_clash_count);
++         
++      if (name_count != buckets_filled + hash_clash_count)
++        warn (_("The name_count (%lu) is not the same as the used bucket_count (%lu) + the hash clash count (%lu)"),
++              (unsigned long) name_count,
++              (unsigned long) buckets_filled,
++              (unsigned long) hash_clash_count);
+ 
+       struct abbrev_lookup_entry
+       {
+-- 
+2.33.0
+
diff --git a/binutils.spec b/binutils.spec
index 854b53c1b6315e0e2b3811d8f14d0dbf0ab74f85..9a041b42be4016e0d7c9699e054c9e5f339eed36 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name:    binutils
 Version: 2.37
-Release: 9
+Release: 10
 License: GPLv3+
 URL:     https://sourceware.org/binutils
 
@@ -62,6 +62,7 @@ Patch38: 0026-opcodes-Make-i386-dis.c-thread-safe.patch
 Patch39: 0027-x86-reduce-AVX512-FP16-set-of-insns-decoded-through-.patch
 Patch40: 0028-x86-reduce-AVX512-FP-set-of-insns-decoded-through-ve.patch
 Patch41: 0029-x86-consistently-use-scalar_mode-for-AVX512-FP16-sca.patch
+Patch42: backport-CVE-2022-38126.patch
 
 
 Provides: bundled(libiberty)
@@ -385,6 +386,12 @@ fi
 %{_infodir}/bfd*info*
 
 %changelog
+* Thu Sep 8 2022 yinyongkang <yinyongkang@kylinos.cn> - 2.37-10
+- Type:CVE
+- ID:CVE-2022-38126
+- SUG:NA
+- DESC:Fix CVE-2022-38126
+
 * Tue Aug 11 2022 dingguangya <dingguangya1@huawei.com> - 2.37-9
 - Type:requirements
 - ID:NA