diff --git a/backport-CVE-2025-0840.patch b/backport-CVE-2025-0840.patch
new file mode 100644
index 0000000000000000000000000000000000000000..f91116a1e818296bf4a89af00d7aeb8ddc8acf3f
--- /dev/null
+++ b/backport-CVE-2025-0840.patch
@@ -0,0 +1,53 @@
+From baac6c221e9d69335bf41366a1c7d87d8ab2f893 Mon Sep 17 00:00:00 2001
+From: Alan Modra
+Date: Wed, 15 Jan 2025 19:13:43 +1030
+Subject: [PATCH] PR32560 stack-buffer-overflow at objdump disassemble_bytes
+
+There's always someone pushing the boundaries.
+
+ PR 32560
+ * objdump.c (MAX_INSN_WIDTH): Define.
+ (insn_width): Make it an unsigned long.
+ (disassemble_bytes): Use MAX_INSN_WIDTH to size buffer.
+ (main ): Restrict size of insn_width.
+---
+ binutils/objdump.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/binutils/objdump.c b/binutils/objdump.c
+index ecbe39e942e..80044dea580 100644
+--- a/binutils/objdump.c
++++ b/binutils/objdump.c
+@@ -109,7 +109,8 @@
+ static int disassemble_zeroes; /* --disassemble-zeroes */
+ static bfd_boolean formats_info; /* -i */
+ static int wide_output; /* -w */
+-static int insn_width; /* --insn-width */
++#define MAX_INSN_WIDTH 49
++static unsigned long insn_width; /* --insn-width */
+ static bfd_vma start_address = (bfd_vma) -1; /* --start-address */
+ static bfd_vma stop_address = (bfd_vma) -1; /* --stop-address */
+ static int dump_debugging; /* --debugging */
+@@ -2738,7 +2739,7 @@
+ }
+ else
+ {
+- char buf[50];
++ char buf[MAX_INSN_WIDTH + 1];
+ int bpc = 0;
+ int pb = 0;
+
+@@ -5288,8 +5289,9 @@
+ break;
+ case OPTION_INSN_WIDTH:
+ insn_width = strtoul (optarg, NULL, 0);
+- if (insn_width <= 0)
+- fatal (_("error: instruction width must be positive"));
++ if (insn_width - 1 >= MAX_INSN_WIDTH)
++ fatal (_("error: instruction width must be in the range 1 to "
++ XSTRING (MAX_INSN_WIDTH)));
+ break;
+ case OPTION_INLINES:
+ unwind_inlines = TRUE;
+--
+2.43.5
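Review bot: The new bound in the `OPTION_INSN_WIDTH` case, `if (insn_width - 1 >= MAX_INSN_WIDTH)`, rejects 0 only through unsigned wrap-around, and nothing at `char buf[MAX_INSN_WIDTH + 1]` records that the buffer size and the option limit must move together. A short comment at each site would keep a later edit from reopening the overflow, for example `/* unsigned: 0 wraps to ULONG_MAX, so this rejects 0 as well as values above the limit */` on the check and `/* sized from the --insn-width limit; keep in step with MAX_INSN_WIDTH */` on the buffer. `strtoul (optarg, NULL, 0)` still discards the end pointer, so a value with trailing non-digits is accepted as its numeric prefix; the range check that follows keeps that harmless for the buffer, but passing an end pointer and rejecting leftovers would make the option strict. Since `insn_width` changes from `int` to `unsigned long` and all three enclosing functions lie outside these hunks, the remaining uses of it in this 2.34 tree should be checked for signed comparisons or narrowing assignments, which are presumably safe under the 1 to 49 cap but are not visible here.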
diff --git a/binutils.spec b/binutils.spec index 939770c95e16ce762ace3cc1d72c71db1d6e7ce7..ab53fdd94242a7bfed86b9d4d49b95f4140535e5 100644 --- a/binutils.spec +++ b/binutils.spec @@ -1,7 +1,7 @@ Summary: Binary utilities Name: binutils Version: 2.34 -Release: 32 +Release: 33 License: GPLv3+ URL: https://sourceware.org/binutils @@ -69,6 +69,7 @@ Patch52: backport-ubsan-shift-exponent-70-is-too-large.patch Patch53: backport-ubsan-shift-exponent-is-too-large.patch Patch54: backport-asan-readelf-use-after-free-in-process_archive.patch Patch55: CVE-2022-44840.patch +Patch56: backport-CVE-2025-0840.patch Provides: bundled(libiberty) @@ -323,6 +324,9 @@ fi %{_infodir}/bfd*info* %changelog +* Thu Feb 06 2025 Funda Wang - 2.34-33 +- fix CVE-2025-0840 + * Fri Oct 25 2024 Linux_zhang - 2.34-32 - fix CVE-2022-44840