diff --git a/backport-PR29171-invalid-read-causing-SIGSEGV.patch b/backport-PR29171-invalid-read-causing-SIGSEGV.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7899e0bd010a524b4f500c12515f4998dbd25688
--- /dev/null
+++ b/backport-PR29171-invalid-read-causing-SIGSEGV.patch
@@ -0,0 +1,54 @@
+From be38442ddacf1fd25c8868d0491ea9e98b0e9ca7 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Tue, 24 May 2022 10:47:35 +0930
+Subject: [PATCH] PR29171, invalid read causing SIGSEGV
+
+The fix here is to pass "section" down to read_and_display_attr_value.
+The test in read_and_display_attr_value is a little bit of hardening.
+
+	PR 29171
+	* dwarf.c (display_debug_macro, display_debug_names): Pass section
+	to read_and_display_attr_value2.
+	(read_and_display_attr_value): Don't attempt to check for .dwo
+	section name when section is NULL.
+---
+ binutils/dwarf.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/binutils/dwarf.c b/binutils/dwarf.c
+index d820c21527f..a0dfd4df481 100644
+--- a/binutils/dwarf.c
++++ b/binutils/dwarf.c
+@@ -2717,7 +2717,7 @@ read_and_display_attr_value (unsigned long           attribute,
+     case DW_FORM_GNU_str_index:
+       if (!do_loc)
+ 	{
+-	  const char * suffix = strrchr (section->name, '.');
++	  const char * suffix = section ? strrchr (section->name, '.') : NULL;
+ 	  bfd_boolean  dwo = (suffix && strcmp (suffix, ".dwo") == 0) ? TRUE : FALSE;
+ 
+ 	  printf (_("%c(indexed string: 0x%s): %s"), delimiter,
+@@ -6273,8 +6273,9 @@ display_debug_macro (struct dwarf_section *section,
+ 		      SAFE_BYTE_GET_AND_INC (val, desc, 1, end);
+ 		      curr
+ 			= read_and_display_attr_value (0, val, 0,
+-						       start, curr, end, 0, 0, offset_size,
+-						       version, NULL, 0, NULL,
++						       start, curr, end, 0, 0,
++						       offset_size, version,
++						       NULL, 0, section,
+ 						       NULL, ' ', -1);
+ 		      if (n != nargs - 1)
+ 			printf (",");
+@@ -10310,7 +10311,7 @@ display_debug_names (struct dwarf_section *section, void *file)
+ 							  unit_start, entryptr, unit_end,
+ 							  0, 0, offset_size,
+ 							  dwarf_version, NULL,
+-							  (tagno < 0), NULL,
++							  (tagno < 0), section,
+ 							  NULL, '=', -1);
+ 		}
+ 	      ++tagno;
+-- 
+2.43.0
+
diff --git a/binutils.spec b/binutils.spec
index baa41f9ddc6a43e53f722375e48db49f41dff892..42b4325697d23652b447619ace02ae1c0a029e4d 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name:    binutils
 Version: 2.34
-Release: 38
+Release: 39
 License: GPLv3+
 URL:     https://sourceware.org/binutils
 
@@ -75,6 +75,7 @@ Patch60: backport-CVE-2025-7545.patch
 Patch61: backport-CVE-2022-38126.patch
 Patch62: backport-CVE-2022-38533.patch
 Patch63: backport-CVE-2025-7546.patch
+Patch64: backport-PR29171-invalid-read-causing-SIGSEGV.patch
 
 Provides: bundled(libiberty)
 
@@ -329,6 +330,9 @@ fi
 %{_infodir}/bfd*info*
 
 %changelog
+* Thu Sep 4 2025 yixiangzhike <yixiangzhike007@163.com> - 2.34-39
+- backport PR29171 to fix invalid read causing SIGSEGV
+
 * Fri Aug 29 2025 eastb233 <xiezhiheng@huawei> - 2.34-38
 - Fix CVE-2022-38126, CVE-2022-38533, CVE-2025-7546