diff --git a/backport-fix-nm-release-NM-client-after-a-timeout.patch b/backport-fix-nm-release-NM-client-after-a-timeout.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b4c22a95f0db7a06280d602886344354b7e76f2e
--- /dev/null
+++ b/backport-fix-nm-release-NM-client-after-a-timeout.patch
@@ -0,0 +1,61 @@
+From eb76e2a80a43481da7a54ff784edf1c76651db96 Mon Sep 17 00:00:00 2001
+From: Eric Garver
+Date: Wed, 22 Nov 2023 12:10:09 -0500
+Subject: [PATCH] fix(nm): release NM client after a timeout
+
+Conflict: NA
+Reference: https://github.com/firewalld/firewalld/commit/eb76e2a80a43481da7a54ff784edf1c76651db96
+
+libnm will accumulate a bunch of data, e.g. routes, that is irrelevant
+to firewalld. To avoid unbound growth in memory we can destroy the
+client and reinitialize it when we query NM.
+
+Fixes: #1232
+---
+ src/firewall/core/fw_nm.py | 20 ++++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+
+diff --git a/src/firewall/core/fw_nm.py b/src/firewall/core/fw_nm.py
+index 0e38dd4..c1f8e1d 100644
+--- a/src/firewall/core/fw_nm.py
++++ b/src/firewall/core/fw_nm.py
+@@ -39,6 +39,7 @@ else:
+ except (ImportError, ValueError, GLib.Error):
+ _nm_imported = False
+ _nm_client = None
++_nm_client_timeout = None
+
+ from firewall import errors
+ from firewall.errors import FirewallError
+@@ -61,9 +62,28 @@ def nm_get_client():
+ """Returns the NM client object or None if the import of NM failed
+ @return NM.Client instance if import was successful, None otherwise
+ """
++
++ def _release():
++ """
++ Release the client to avoid excess memory usage when libnm pushes
++ irrelevant (to firewalld) updates.
++ """
++ global _nm_client
++ global _nm_client_timeout
++ _nm_client = None
++ _nm_client_timeout = None
++
+ global _nm_client
++ global _nm_client_timeout
++
+ if not _nm_client:
+ _nm_client = NM.Client.new(None)
++ else:
++ # refresh timer
++ GLib.source_remove(_nm_client_timeout)
++
++ _nm_client_timeout = GLib.timeout_add_seconds(5, _release)
++
+ return _nm_client
+
+ def nm_get_zone_of_connection(connection):
+--
+2.33.0
+
diff --git a/firewalld.spec b/firewalld.spec
index 5556035b80cc02c3acb8a17c672507fdd64711d9..139919cdcddcb44dd82f1e3a8cbc205b7873615e 100644
--- a/firewalld.spec
+++ b/firewalld.spec
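Review bot: In the `else:` branch added to `nm_get_client()` in the backported fw_nm.py change, `GLib.source_remove(_nm_client_timeout)` assumes the timer id is set whenever `_nm_client` is. The visible lines keep the two globals in step, but nothing enforces it, so a guard such as `if _nm_client_timeout is not None:` would keep an out-of-sync state from failing inside a firewall query path. `_release()` makes the timer one-shot only through its implicit `None` return; ending it with `return GLib.SOURCE_REMOVE` would state that intent. The 5-second value is unexplained: a named module constant with a comment on the trade-off (memory held by libnm versus re-creating the client on the next query, and, presumably, the timer only firing where a GLib main loop runs) would help the next maintainer. The `def nm_get_client():` line sits in the inner hunk header, so the function starts outside the visible hunk.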
@@ -1,6 +1,6 @@ Name: firewalld Version: 1.0.2 -Release: 8 +Release: 9 Summary: A firewall daemon with D-Bus interface providing a dynamic firewall License: GPLv2+ URL: http://www.firewalld.org @@ -20,6 +20,8 @@ Patch8: 0001-fix-config-Specify-the-translation-encoding-format-a.patch Patch9: backport-chore-nftables-add-delete-table-helper.patch Patch10: backport-fix-nftables-always-flush-main-table-on-start.patch +Patch11: backport-fix-nm-release-NM-client-after-a-timeout.patch + BuildArch: noarch BuildRequires: autoconf automake desktop-file-utils gettext intltool glib2 glib2-devel systemd-units docbook-style-xsl BuildRequires: libxslt iptables ebtables ipset python3-devel @@ -241,6 +243,12 @@ fi %{_datadir}/firewalld/testsuite/python/firewalld_test.py %changelog +* Sat Jan 06 2024 zhanghao - 1.0.2-9 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:fix(nm): release NM client after a timeout + * Tue Sep 26 2023 zhanghao - 1.0.2-8 - Type:bugfix - ID:NA