diff --git a/backport-CVE-2021-3487.patch b/backport-CVE-2021-3487.patch
new file mode 100644
index 0000000000000000000000000000000000000000..fc6e002d1fec4107cfc51bacf051fc011c38a422
--- /dev/null
+++ b/backport-CVE-2021-3487.patch
@@ -0,0 +1,76 @@
+From 647cebce12a6b0a26960220caff96ff38978cf24 Mon Sep 17 00:00:00 2001
+From: Nick Clifton
+Date: Thu, 26 Nov 2020 17:08:33 +0000
+Subject: [PATCH] Prevent a memory allocation failure when parsing corrupt
+ DWARF debug sections.
+
+ PR 26946
+ * dwarf2.c (read_section): Check for debug sections with excessive
+ sizes.
+---
+ bfd/ChangeLog | 6 ++++++
+ bfd/dwarf2.c | 25 +++++++++++++++++++------
+ 2 files changed, 25 insertions(+), 6 deletions(-)
+
+diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
+index 977bf43..8bbfc81 100644
+--- a/bfd/dwarf2.c
++++ b/bfd/dwarf2.c
+@@ -531,22 +531,24 @@ read_section (bfd * abfd,
+ bfd_byte ** section_buffer,
+ bfd_size_type * section_size)
+ {
+- asection *msec;
+ const char *section_name = sec->uncompressed_name;
+ bfd_byte *contents = *section_buffer;
+- bfd_size_type amt;
+
+ /* The section may have already been read. */
+ if (contents == NULL)
+ {
++ bfd_size_type amt;
++ asection *msec;
++ ufile_ptr filesize;
++
+ msec = bfd_get_section_by_name (abfd, section_name);
+- if (! msec)
++ if (msec == NULL)
+ {
+ section_name = sec->compressed_name;
+ if (section_name != NULL)
+ msec = bfd_get_section_by_name (abfd, section_name);
+ }
+- if (! msec)
++ if (msec == NULL)
+ {
+ _bfd_error_handler (_("DWARF error: can't find %s section."),
+ sec->uncompressed_name);
+@@ -554,12 +556,23 @@ read_section (bfd * abfd,
+ return FALSE;
+ }
+
+- *section_size = msec->rawsize ? msec->rawsize : msec->size;
++ amt = bfd_get_section_limit_octets (abfd, msec);
++ filesize = bfd_get_file_size (abfd);
++ if (amt >= filesize)
++ {
++ /* PR 26946 */
++ _bfd_error_handler (_("DWARF error: section %s is larger than its filesize! (0x%lx vs 0x%lx)"),
++ section_name, (long) amt, (long) filesize);
++ bfd_set_error (bfd_error_bad_value);
++ return FALSE;
++ }
++ *section_size = amt;
+ /* Paranoia - alloc one extra so that we can make sure a string
+ section is NUL terminated.
*/
+- amt = *section_size + 1;
++ amt += 1;
+ if (amt == 0)
+ {
++ /* Paranoia - this should never happen. */
+ bfd_set_error (bfd_error_no_memory);
+ return FALSE;
+ }
+--
+1.8.3.1
+
diff --git a/binutils.spec b/binutils.spec
index 20bb2b82ec605fd6ef3552e7e1a8287c435f0fbf..fc135164b3090adb4277a0a96df32b9ee22530c0 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name: binutils
 Version: 2.34
-Release: 9
+Release: 10
 License: GPLv3+
 URL: https://sourceware.org/binutils
@@ -41,6 +41,7 @@ Patch24: backport-0002-CVE-2021-20197.patch
 Patch25: backport-0003-CVE-2021-20197.patch
 Patch26: backport-Fix-a-build-problem-when-using-FreeBSD-12.patch
 Patch27: backport-0004-CVE-2021-20197.patch
+Patch28: backport-CVE-2021-3487.patch
 Provides: bundled(libiberty)
@@ -319,6 +320,12 @@ fi
 %{_infodir}/bfd*info*
 %changelog
+* Fri Apr 23 2021 lirui - 2.34-10
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC:fix CVE-2021-3487
+
 * Fri Apr 16 2021 lirui - 2.34-9
 - Type:CVE
 - ID:NA
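Review bot: In the second read_section hunk of backport-CVE-2021-3487.patch, the new guard `if (amt >= filesize)` treats a file size of 0 as a real bound; if `bfd_get_file_size` reports 0 when the size cannot be determined (confirm against its definition), every DWARF section of such a BFD is rejected as corrupt. A guard of the form `if (filesize != 0 && amt >= filesize)` would keep the PR 26946 check without that failure mode. The same comparison may also reject a legitimately compressed debug section, because this function falls back to `sec->compressed_name` and the size compared could be the uncompressed one, so it is worth testing with a highly compressed input. The `(long)` casts in the error message truncate both values on hosts where long is narrower than `bfd_size_type`, which makes the diagnostic misleading exactly when sizes are large. read_section continues outside the hunk, so the allocation that consumes `amt` is not visible here.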