diff --git a/libvirt.spec b/libvirt.spec
index 84334570a00243f51fb40e638a343bd5b8600778..205a868fb743b0d3c4560b3d05a0382c6acb80a4 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -101,7 +101,7 @@
 Summary: Library providing a simple virtualization API
 Name: libvirt
 Version: 6.2.0
-Release: 41
+Release: 42
 License: LGPLv2+
 URL: https://libvirt.org/
 
@@ -251,6 +251,7 @@ Patch0138: sw_64-Add-sw64-architecture-support.patch
 Patch0139: src-workaround-warning-triggered-in-glib-2.69.patch
 Patch0140: nwfilter-fix-crash-when-counting-number-of-network-f.patch
 Patch0141: apibuild-Fix-self.waring-method-call.patch
+Patch0142: qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch
 
 Requires: libvirt-daemon = %{version}-%{release}
 Requires: libvirt-daemon-config-network = %{version}-%{release}
@@ -1985,6 +1986,9 @@
 exit 0
 
 %changelog
+* Thu Aug 25 2022 yezengruan - 6.2.0-42
+- qemu: Add missing lock in qemuProcessHandleMonitorEOF (CVE-2021-3975)
+
 * Thu Aug 11 2022 yezengruan - 6.2.0-41
 - apibuild: Fix self.waring method call
 
diff --git a/qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch b/qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch
new file mode 100644
index 0000000000000000000000000000000000000000..94331e8eecb9995ea73aa0acd7f5d2182e7a249b
--- /dev/null
+++ b/qemu-Add-missing-lock-in-qemuProcessHandleMonitorEOF.patch
@@ -0,0 +1,38 @@
+From 0f32142c4a92c9aca7890f25e89b56973a906201 Mon Sep 17 00:00:00 2001
+From: Peng Liang
+Date: Wed, 24 Feb 2021 19:28:23 +0800
+Subject: [PATCH] qemu: Add missing lock in qemuProcessHandleMonitorEOF
+
+qemuMonitorUnregister will be called in multiple threads (e.g. threads
+in rpc worker pool and the vm event thread). In some cases, it isn't
+protected by the monitor lock, which may lead to call g_source_unref
+more than one time and a use-after-free problem eventually.
+
+Add the missing lock in qemuProcessHandleMonitorEOF (which is the only
+position missing lock of monitor I found).
+
+Suggested-by: Michal Privoznik
+Signed-off-by: Peng Liang
+Signed-off-by: Michal Privoznik
+Reviewed-by: Michal Privoznik
+---
+ src/qemu/qemu_process.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
+index d9209ac6d2..74bb9613bc 100644
+--- a/src/qemu/qemu_process.c
++++ b/src/qemu/qemu_process.c
+@@ -316,7 +316,9 @@ qemuProcessHandleMonitorEOF(qemuMonitorPtr mon,
+ /* We don't want this EOF handler to be called over and over while the
+ * thread is waiting for a job.
+ */
++ virObjectLock(mon);
+ qemuMonitorUnregister(mon);
++ virObjectUnlock(mon);
+ 
+ /* We don't want any cleanup from EOF handler (or any other
+ * thread) to enter qemu namespace. */
+-- 
+2.27.0
+
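Review bot: The new `virObjectLock(mon)`/`virObjectUnlock(mon)` pair around `qemuMonitorUnregister(mon)` in the embedded qemu_process.c hunk carries no comment saying why the monitor lock is needed there; the existing comment directly above only explains why the handler is unregistered, and the rationale lives solely in the patch description, so I would extend that comment with `* Hold the monitor lock: qemuMonitorUnregister runs from several threads and must not unref its GSource more than once.` qemuProcessHandleMonitorEOF starts and ends outside the hunk, so whether another object lock is already held at this point, and whether the resulting lock order matches the rest of qemu_process.c, cannot be verified from this excerpt and should be checked against the full function. The spec changelog ties this backport to CVE-2021-3975, but the patch header itself carries no reference to it; a `CVE: CVE-2021-3975` line in the patch header or a mention in its subject would keep the provenance discoverable from the patch file alone.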