diff --git a/backport-CVE-2022-48064.patch b/backport-CVE-2022-48064.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5581309e8d7cb3ac28db185cbf2659f994c3a358
--- /dev/null
+++ b/backport-CVE-2022-48064.patch
@@ -0,0 +1,55 @@
+From c732ae93a2592431f94b3d92759028551088c40e Mon Sep 17 00:00:00 2001
+From: liningjie <liningjie@xfusion.com>
+Date: Thu, 31 Aug 2023 11:36:07 +0800
+Subject: [PATCH] PR29922, SHT_NOBITS section avoids section size sanity check
+
+PR 29922
+* dwarf2.c (find_debug_info): Ignore sections without
+SEC_HAS_CONTENTS.
+---
+ bfd/dwarf2.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
+index dd3568a8..807e9539 100644
+--- a/bfd/dwarf2.c
++++ b/bfd/dwarf2.c
+@@ -3913,19 +3913,22 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
+     {
+       look = debug_sections[debug_info].uncompressed_name;
+       msec = bfd_get_section_by_name (abfd, look);
+-      if (msec != NULL)
++      /* Testing SEC_HAS_CONTENTS is an anti-fuzzer measure.  Of
++	 course debug sections always have contents.  */
++      if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
+ 	return msec;
+ 
+       look = debug_sections[debug_info].compressed_name;
+       if (look != NULL)
+ 	{
+ 	  msec = bfd_get_section_by_name (abfd, look);
+-	  if (msec != NULL)
++	  if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
+ 	    return msec;
+ 	}
+ 
+       for (msec = abfd->sections; msec != NULL; msec = msec->next)
+-	if (CONST_STRNEQ (msec->name, GNU_LINKONCE_INFO))
++	if ((msec->flags & SEC_HAS_CONTENTS) != 0
++        && CONST_STRNEQ (msec->name, GNU_LINKONCE_INFO))
+ 	  return msec;
+ 
+       return NULL;
+@@ -3933,6 +3936,9 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
+ 
+   for (msec = after_sec->next; msec != NULL; msec = msec->next)
+     {
++      if ((msec->flags & SEC_HAS_CONTENTS) == 0)
++	continue;
++
+       look = debug_sections[debug_info].uncompressed_name;
+       if (strcmp (msec->name, look) == 0)
+ 	return msec;
+-- 
+2.42.0.windows.2
+
diff --git a/binutils.spec b/binutils.spec
index 4ad3ffb16e37200873412e76b3340532adef90d2..ac21cb4742da1cbe5c21fd391675206f5d3ebdcf 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name:    binutils
 Version: 2.34
-Release: 26
+Release: 27
 License: GPLv3+
 URL:     https://sourceware.org/binutils
 
@@ -63,6 +63,7 @@ Patch46: CVE-2022-47008.patch
 Patch47: backport-CVE-2022-47011.patch
 Patch48: backport-CVE-2022-47696.patch
 Patch49: backport-CVE-2021-46174.patch
+Patch50: backport-CVE-2022-48064.patch
 
 Provides: bundled(libiberty)
 
@@ -341,6 +342,9 @@ fi
 %{_infodir}/bfd*info*
 
 %changelog
+* Thu Aug 31 2023 liningjie <liningjie@xfusion.com> - 2.34-27
+- fix CVE-2022-48064
+
 * Tue Aug 29 2023 liningjie <liningjie@xfusion.com> - 2.34-26
 - fix CVE-2021-46174