diff --git a/CVE-2020-21528.patch b/CVE-2020-21528.patch
new file mode 100644
index 0000000000000000000000000000000000000000..358904c7986ab1f0f28b0f42494cc4933cd41a20
--- /dev/null
+++ b/CVE-2020-21528.patch
@@ -0,0 +1,43 @@
+From 93c774d482694643cafbc82578ac8b729fb5bc8b Mon Sep 17 00:00:00 2001
+From: Cyrill Gorcunov <gorcunov@gmail.com>
+Date: Wed, 4 Nov 2020 13:08:06 +0300
+Subject: [PATCH] BR3392637: output/outieee: Fix nil dereference
+
+The handling been broken in commit 98578071.
+
+Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
+---
+ output/outieee.c | 17 +++++++++++++++++
+ 1 file changed, 17 insertions(+)
+
+diff --git a/output/outieee.c b/output/outieee.c
+index bff2f085..b3ccc5f6 100644
+--- a/output/outieee.c
++++ b/output/outieee.c
+@@ -795,6 +795,23 @@ static int32_t ieee_segment(char *name, int *bits)
+             define_label(name, seg->index + 1, 0L, false);
+         ieee_seg_needs_update = NULL;
+ 
++        /*
++         * In commit 98578071b9d71ecaa2344dd9c185237c1765041e
++         * we reworked labels significantly which in turn lead
++         * to the case where seg->name = NULL here and we get
++         * nil dereference in next segments definitions.
++         *
++         * Lets placate this case with explicit name setting
++         * if labels engine didn't set it yet.
++         *
++         * FIXME: Need to revisit this moment if such fix doesn't
++         * break anything but since IEEE 695 format is veeery
++         * old I don't expect there are many users left. In worst
++         * case this should only lead to a memory leak.
++         */
++        if (!seg->name)
++            seg->name = nasm_strdup(name);
++
+         if (seg->use32)
+             *bits = 32;
+         else
+-- 
+2.27.0
+
diff --git a/nasm.spec b/nasm.spec
index 54576ddc6b42261cb2824893c26e960a8864a5f9..d24b2cf91488324d26eef387aa832cf321ab731c 100644
--- a/nasm.spec
+++ b/nasm.spec
@@ -8,7 +8,7 @@
 
 Name:     nasm
 Version:  2.15.05
-Release:  5
+Release:  6
 Summary:  The Netwide Assembler, a portable x86 assembler with Intel-like syntax
 License:  BSD
 URL:      http://www.nasm.us
@@ -20,6 +20,9 @@ Patch6001: fix-help-info-error.patch
 # https://github.com/netwide-assembler/nasm/commit/2d4e6952417ec6f08b6f135d2b5d0e19b7dae30d
 Patch6002: CVE-2022-44370.patch
 #https://bugzilla.nasm.us/attachment.cgi?id=411648
+
+Patch6003: CVE-2020-21528.patch
+
 BuildRequires: perl(Env) autoconf asciidoc xmlto gcc make git
 
 Provides:  %{name}-rdoff
@@ -91,6 +94,9 @@ make test
 %{_mandir}/man1/ld*
 
 %changelog
+* Wed Aug 23 2023 hongjinghao <hongjinghao@huawei.com> - 2.15.05-6
+- Fix CVE-2020-21528
+
 * Wed Apr 12 2023 yaoxin <yao_xin001@hoperun.com> - 2.15.05-5
 - Fix CVE-2022-44370