diff --git a/backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch b/backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d91f559c2ab52a36816d98311b67da67da7c2350
--- /dev/null
+++ b/backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch
@@ -0,0 +1,56 @@
+From 7ecb51549ab1ec22aba5aaf34b70323cf0b8509a Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Wed, 15 Apr 2020 18:58:11 +0930
+Subject: [PATCH] PR25823, Use after free in bfd_hash_lookup
+
+	PR 25823
+	* peXXigen.c (_bfd_XXi_swap_sym_in <C_SECTION>): Don't use a
+	pointer into strings that may be freed for section name, always
+	allocate a new string.
+---
+ bfd/peXXigen.c | 20 ++++++++++----------
+ 1 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
+index b9eeb77..8aa5914 100644
+--- a/bfd/peXXigen.c
++++ b/bfd/peXXigen.c
+@@ -177,25 +177,25 @@ _bfd_XXi_swap_sym_in (bfd * abfd, void * ext1, void * in1)
+ 	  int unused_section_number = 0;
+ 	  asection *sec;
+ 	  flagword flags;
++	  size_t name_len;
++	  char *sec_name;
+ 
+ 	  for (sec = abfd->sections; sec; sec = sec->next)
+ 	    if (unused_section_number <= sec->target_index)
+ 	      unused_section_number = sec->target_index + 1;
+ 
+-	  if (name == namebuf)
++	  name_len = strlen (name) + 1;
++	  sec_name = bfd_alloc (abfd, name_len);
++	  if (sec_name == NULL)
+ 	    {
+-	      name = (const char *) bfd_alloc (abfd, strlen (namebuf) + 1);
+-	      if (name == NULL)
+-		{
+-		  _bfd_error_handler (_("%pB: out of memory creating name for empty section"),
+-				      abfd);
+-		  return;
+-		}
+-	      strcpy ((char *) name, namebuf);
++	      _bfd_error_handler (_("%pB: out of memory creating name "
++				    "for empty section"), abfd);
++	      return;
+ 	    }
++	  memcpy (sec_name, name, name_len);
+ 
+ 	  flags = SEC_HAS_CONTENTS | SEC_ALLOC | SEC_DATA | SEC_LOAD;
+-	  sec = bfd_make_section_anyway_with_flags (abfd, name, flags);
++	  sec = bfd_make_section_anyway_with_flags (abfd, sec_name, flags);
+ 	  if (sec == NULL)
+ 	    {
+ 	      _bfd_error_handler (_("%pB: unable to create fake empty section"),
+-- 
+1.8.3.1
+
diff --git a/binutils.spec b/binutils.spec
index 14fdb348599456d193b0ed1c090b642e95f6da6d..977298fca811fedebeb959804dd070f883ae4a25 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name:    binutils
 Version: 2.34
-Release: 4
+Release: 5
 License: GPLv3+
 URL:     https://sourceware.org/binutils
 
@@ -33,7 +33,8 @@ Patch16: asan-more-readelf-leaks.patch
 Patch17: Re-asan-more-readelf-leaks.patch
 Patch18: readelf-leak-in-process_archive.patch
 Patch19: metag-uninitialized-memory-read.patch
-Patch20: Fix-a-potential-use-of-an-uninitialised-value-in-the.patch 
+Patch20: Fix-a-potential-use-of-an-uninitialised-value-in-the.patch
+Patch21: backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch 
 
 Provides: bundled(libiberty)
 
@@ -319,6 +320,12 @@ fi
 %{_infodir}/bfd*info*
 
 %changelog
+* Sat Jan 9 2021 zoulin <zoulin13@huawei.com> - 2.34-5
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC:fix CVE-2020-16592
+
 * Wed Sep 23 2020 zoulin <zoulin13@huawei.com> - 2.34-4
 - Type:bugfix
 - ID:NA