diff --git a/libvirt.spec b/libvirt.spec
index 6480ef6e1d02f16da5df905bd201696462c7a2b8..2216c56d36ee6d2f2f220e6cd378a620a32b7581 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -101,7 +101,7 @@ Summary: Library providing a simple virtualization API
 Name: libvirt
 Version: 6.2.0
-Release: 15
+Release: 16
 License: LGPLv2+
 URL: https://libvirt.org/
@@ -148,6 +148,7 @@ Patch0035: cpu_map-Distribute-x86_Cooperlake.xml.patch
 Patch0036: storage_driver-Unlock-object-on-ACL-fail-in-storageP.patch
 Patch0037: security-fix-SELinux-label-generation-logic.patch
 Patch0038: nwfilter-fix-crash-when-counting-number-of-network-f.patch
+Patch0039: qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch
 Requires: libvirt-daemon = %{version}-%{release}
 Requires: libvirt-daemon-config-network = %{version}-%{release}
@@ -1882,6 +1883,9 @@ exit 0
 %changelog
+* Thu Aug 25 2022 yezengruan
+- qemu: Add missing lock in qemuProcessHandleMonitorEOF (CVE-2021-3975)
+
 * Mon Jun 20 2022 yezengruan
 - nwfilter: fix crash when counting number of network filters (CVE-2022-0897)
diff --git a/qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch b/qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch
new file mode 100644
index 0000000000000000000000000000000000000000..33363890bf1155043d2daba8a5ff1d7191ad26d1
--- /dev/null
+++ b/qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch
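Review bot: The new `Patch0039:` line in the second hunk only declares the backport; whether it is actually applied depends on the spec's `%prep` section, which is outside these hunks. If `%prep` applies patches with explicit `%patch` macros rather than `%autosetup`/`%autopatch`, a matching `%patch0039 -p1` line is needed, otherwise the package is built without the fix the changelog entry claims to add. It is worth confirming in the build log that the patch name shows up in the `%prep` output before tagging the release.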
@@ -0,0 +1,38 @@
+From baaf85d9c8b304c6cc95a892fc23962e8175a817 Mon Sep 17 00:00:00 2001
+From: Peng Liang
+Date: Wed, 24 Feb 2021 19:28:23 +0800
+Subject: [PATCH] qemu: Add missing lock in qemuProcessHandleMonitorEOF
+
+qemuMonitorUnregister will be called in multiple threads (e.g. threads
+in rpc worker pool and the vm event thread). In some cases, it isn't
+protected by the monitor lock, which may lead to call g_source_unref
+more than one time and a use-after-free problem eventually.
+
+Add the missing lock in qemuProcessHandleMonitorEOF (which is the only
+position missing lock of monitor I found).
+
+Suggested-by: Michal Privoznik
+Signed-off-by: Peng Liang
+Signed-off-by: Michal Privoznik
+Reviewed-by: Michal Privoznik
+---
+ src/qemu/qemu_process.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
+index 6b9f6fb860..9701bb398b 100644
+--- a/src/qemu/qemu_process.c
++++ b/src/qemu/qemu_process.c
+@@ -315,7 +315,9 @@ qemuProcessHandleMonitorEOF(qemuMonitorPtr mon,
+ /* We don't want this EOF handler to be called over and over while the
+ * thread is waiting for a job.
+ */
++ virObjectLock(mon);
+ qemuMonitorUnregister(mon);
++ virObjectUnlock(mon);
+
+ /* We don't want any cleanup from EOF handler (or any other
+ * thread) to enter qemu namespace. */
+--
+2.27.0
+
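Review bot: The added `virObjectLock(mon)`/`virObjectUnlock(mon)` pair brackets only the `qemuMonitorUnregister(mon)` call, and the rest of `qemuProcessHandleMonitorEOF` (including wherever the vm object is locked) lies outside the hunk, so the lock order between the vm and monitor objects should be confirmed against the path that invokes this EOF handler: if the caller still held the monitor lock when calling the handler, the new `virObjectLock(mon)` would self-deadlock, since virObject mutexes are, as far as I know, not recursive. The added lines would also benefit from a why-comment that carries the commit message's rationale into the code, e.g. `/* qemuMonitorUnregister is also reached from other threads (rpc workers, event thread); without the monitor lock the GSource can be unref'd twice (use-after-free). */`. The indentation of the quoted hunk appears to have been lost in this rendering; the indented form from the upstream commit is what should be applied.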