diff --git a/0006-gssd-fix-the-possible-buffer-overflow-in-get_full_hostname.patch b/0006-gssd-fix-the-possible-buffer-overflow-in-get_full_hostname.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d810379be18d998a6cab6fd2e11d6ca93c0ab1dd
--- /dev/null
+++ b/0006-gssd-fix-the-possible-buffer-overflow-in-get_full_hostname.patch
@@ -0,0 +1,29 @@
+From ff2077d10ad11ad7422d1bb22f5761da6610ca38 Mon Sep 17 00:00:00 2001
+From: zhangyaqi <zhangyaqi@kylinos.cn>
+Date: Tue, 6 May 2025 11:53:59 -0400
+Subject: [PATCH] gssd:fix the possible buffer overflow in get_full_hostname
+ 
+Signed-off-by: zhangyaqi <zhangyaqi@kylinos.cn>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+ 
+Reference:https://git.linux-nfs.org/?p=steved/nfs-utils.git;a=patch;h=ff2077d10ad11ad7422d1bb22f5761da6610ca38
+
+---
+ utils/gssd/krb5_util.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
+index 8c73748..6049e8a 100644
+--- a/utils/gssd/krb5_util.c
++++ b/utils/gssd/krb5_util.c
+@@ -612,6 +612,7 @@ get_full_hostname(const char *inhost, char *outhost, int outhostlen)
+ 		goto out;
+ 	}
+ 	strncpy(outhost, addrs->ai_canonname, outhostlen);
++	outhost[outhostlen - 1] = '\0';
+ 	nfs_freeaddrinfo(addrs);
+ 	for (c = outhost; *c != '\0'; c++)
+ 	    *c = tolower(*c);
+-- 
+2.43.0
+
diff --git a/nfs-utils.spec b/nfs-utils.spec
index fd8600a877426557b99a46f75a98ecb2b33d34c8..941e13749340694fa620a3499215c097ab00fd2b 100644
--- a/nfs-utils.spec
+++ b/nfs-utils.spec
@@ -4,7 +4,7 @@
 
 Name:    nfs-utils
 Version: 2.5.1
-Release: 8
+Release: 9
 Epoch:   1
 Summary: The Linux NFS userland utility package
 License: MIT and GPLv2 and GPLv2+ and BSD
@@ -18,6 +18,7 @@ Patch2:  0002-fix-coredump-in-bl_add_disk.patch
 Patch3:  0003-nfs-utils-set-use-gss-proxy-1-to-enable-gss-proxy-by.patch
 Patch4:  0004-nfs-blkmaped-Fix-the-error-status-when-nfs_blkmapd-s.patch
 Patch5:  0005-nfs-blkmapd-PID-file-read-by-systemd-failed.patch
+Patch6:  0006-gssd-fix-the-possible-buffer-overflow-in-get_full_hostname.patch
 
 BuildRequires: libevent-devel,libcap-devel, libtirpc-devel libblkid-devel
 BuildRequires: krb5-libs >= 1.4 autoconf >= 2.57 openldap-devel >= 2.2
@@ -226,6 +227,9 @@ fi
 %{_mandir}/*/*
 
 %changelog
+* Fri Sep 26 2025 zhangyaqi <zhangyaqi@kylinos.cn> - 1:2.5.1-9
+- gssd:fix the possible buffer overflow in get_full_hostname
+
 * Thu Nov 24 2022 Zhiqiang Liu <liuzhiqiang26@huawei.com> - 1:2.5.1-8
 - nfs-blkmapd: PID file read by systemd failed