diff --git a/hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch b/hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8d6c210705adaaaa24e1e335c0dbd96d28610376
--- /dev/null
+++ b/hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch
@@ -0,0 +1,42 @@
+From bbca8884fad1975c3a9b5eab2a4910d1079fddf8 Mon Sep 17 00:00:00 2001
+From: Yuval Shaia
+Date: Sun, 3 Apr 2022 12:52:34 +0300
+Subject: [PATCH] hw/pvrdma: Protect against buggy or malicious guest driver
+
+Guest driver might execute HW commands when shared buffers are not yet
+allocated.
+This could happen on purpose (malicious guest) or because of some other
+guest/host address mapping error.
+We need to protect againts such case.
+
+Fixes: CVE-2022-1050
+
+Reported-by: Raven
+Signed-off-by: Yuval Shaia
+Message-Id: <20220403095234.2210-1-yuval.shaia.ml@gmail.com>
+Signed-off-by: Laurent Vivier
+Signed-off-by: liuxiangdong
+---
+ hw/rdma/vmw/pvrdma_cmd.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c
+index dca8f36693..99be9657e3 100644
+--- a/hw/rdma/vmw/pvrdma_cmd.c
++++ b/hw/rdma/vmw/pvrdma_cmd.c
+@@ -797,6 +797,12 @@ int pvrdma_exec_cmd(PVRDMADev *dev)
+
+ dsr_info = &dev->dsr_info;
+
++ if (!dsr_info->dsr) {
++ /* Buggy or malicious guest driver */
++ rdma_error_report("Exec command without dsr, req or rsp buffers");
++ goto out;
++ }
++
+ if (dsr_info->req->hdr.cmd >= sizeof(cmd_handlers) /
+ sizeof(struct cmd_handler)) {
+ rdma_error_report("Unsupported command");
+--
+2.36.1
+
diff --git a/qemu.spec b/qemu.spec
index 9fe62402971aa51471018ebb2b8be30d129920b9..1732db2d62773dca77d82602ca783bc83398fe95 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -1,6 +1,6 @@
 Name: qemu
 Version: 4.1.0
-Release: 72
+Release: 73
 Epoch: 10
 Summary: QEMU is a generic and open source machine emulator and virtualizer
 License: GPLv2 and BSD and MIT and CC-BY-SA-4.0
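Review bot: The guard added to pvrdma_exec_cmd() in the backported hw/rdma/vmw/pvrdma_cmd.c hunk tests only `dsr_info->dsr`, yet its message names the dsr, req and rsp buffers and the next visible line dereferences `dsr_info->req->hdr.cmd`. Nothing in the hunk shows that req and rsp are always mapped whenever dsr is non-NULL; if the code that maps and releases these buffers (outside this diff) keeps that invariant, record it in the comment, e.g. `/* req and rsp are only valid while dsr is mapped */`. Otherwise make the check match the message: `if (!dsr_info->dsr || !dsr_info->req || !dsr_info->rsp) {`. The rest of the function and the `out` label lie outside the hunk, so what is reported back to the guest on this early exit should be confirmed against the full file.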
@@ -347,6 +347,7 @@ Patch0334: hw-display-qxl-Document-qxl_phys2virt.patch Patch0335: hw-display-qxl-Pass-requested-buffer-size-to-qxl_phy.patch Patch0336: hw-display-qxl-Avoid-buffer-overrun-in-qxl_phys2virt.patch Patch0337: hw-display-qxl-Assert-memory-slot-fits-in-preallocat.patch +Patch0338: hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch BuildRequires: flex BuildRequires: bison @@ -748,6 +749,9 @@ getent passwd qemu >/dev/null || \ %endif %changelog +* Thu May 18 2023 liuxiangdong +- hw/pvrdma: Protect against buggy or malicious guest driver (CVE-2022-1050) + * Mon Dec 05 yezengruan - fix CVE-2022-4144