diff --git a/0016-Enhance-security-for-share-library.patch b/0016-Enhance-security-for-share-library.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8fa21d488157ccdd09ecc706c12fa3c41bde044c
--- /dev/null
+++ b/0016-Enhance-security-for-share-library.patch
@@ -0,0 +1,28 @@
+From 56b3831310673beeb0b7d5121cf36b1993ebe322 Mon Sep 17 00:00:00 2001
+From: Weifeng Su
+Date: Tue, 15 Mar 2022 11:25:02 +0000
+Subject: [PATCH] Enhance security for share library
+
+Remove rpath link option, Due to it's easy for attacher to
+construct 'rpath' attacks.
+
+Signed-off-by: Weifeng Su
+---
+ mk/spdk.common.mk | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/mk/spdk.common.mk b/mk/spdk.common.mk
+index f9409c4..8569687 100644
+--- a/mk/spdk.common.mk
++++ b/mk/spdk.common.mk
+@@ -293,7 +293,6 @@ LINK_CXX=\
+ # Provide function to ease build of a shared lib
+ define spdk_build_realname_shared_lib
+ $(CC) -o $@ -shared $(CPPFLAGS) $(LDFLAGS) \
+- -Wl,-rpath=$(DESTDIR)/$(libdir) \
+ -Wl,--soname,$(notdir $@) \
+ -Wl,--whole-archive $(1) -Wl,--no-whole-archive \
+ -Wl,--version-script=$(2) \
+--
+2.27.0
+
diff --git a/spdk.spec b/spdk.spec
index bb17a3655ca8c45b0c91755c70f252f8cd19297e..193a4a0e547549bdd8fb806b888b3aa04bbabb09 100644
--- a/spdk.spec
+++ b/spdk.spec
@@ -3,7 +3,7 @@
 
 Name: spdk
 Version: 21.01.1
-Release: 3
+Release: 4
 Summary: Set of libraries and utilities for high performance user-mode storage
 License: BSD and MIT
 URL: http://spdk.io
@@ -23,6 +23,7 @@ Patch12: 0012-spdk-use-fstack-protector-strong-instead-of-fstack-p.patch
 Patch13: 0013-lib-vhost-Fix-compilation-with-dpdk-21.11.patch
 Patch14: 0014-mk-Fix-debug-build-error-on-ARM-ThunderX2-and-neoverse_N1_platform.patch
 Patch15: 0015-configure-add-gcc-version-check-for-ARM-Neoverse-N1_platform.patch
+Patch16: 0016-Enhance-security-for-share-library.patch
 
 %define package_version %{version}-%{release}
 
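Review bot: Nothing in this change verifies that the built objects end up without an RPATH/RUNPATH entry: the added 0016 patch removes `-Wl,-rpath=$(DESTDIR)/$(libdir)` from `spdk_build_realname_shared_lib` only, while the other link rules in mk/spdk.common.mk (the inner hunk header shows `LINK_CXX=\` just above) and the contents of `$(LDFLAGS)` lie outside the hunk. The removed flag wrote the `$(DESTDIR)`-prefixed directory into each shared library's dynamic section, so when DESTDIR is set (as it usually is in a package build) the loader would be told to search a staging path that need not exist, or be trusted, on the installed system; the patch description would be clearer if it said that instead of "easy ... to construct 'rpath' attacks". A post-install check in the spec, for example running `readelf -d` over the installed libraries and binaries and failing the build when `RPATH` or `RUNPATH` appears, would keep the flag from returning on a rebase. With the rpath gone, SPDK's libraries resolve each other through the default loader path only, so confirm that `$(libdir)` is a directory the loader already searches.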
@@ -176,6 +177,10 @@ mv doc/output/html/ %{install_docdir}
 
 
 %changelog
+* Tue Mar 15 2022 Weifeng Su - 21.01.1-4
+- Remove rpath link option, Due to it's easy for attacher to
+ construct 'rpath' attacks
+
 * Fri Feb 25 2022 Hongtao Zhang - 21.01.1-3
 - Fix build error on ARM ThunderX2 and neoverse N1 platform
 