diff --git a/backport-CVE-2021-28831.patch b/backport-CVE-2021-28831.patch
new file mode 100755
index 0000000000000000000000000000000000000000..efcbde4ee46e6c11cfd5f707444b0fd58772cd3f
--- /dev/null
+++ b/backport-CVE-2021-28831.patch
@@ -0,0 +1,42 @@
+From 26d06cef6684055a30cce5922095d22e8a9a91e3 Mon Sep 17 00:00:00 2001
+From: leizhongkai <leizhongkai@huawei.com>
+Date: Sat, 17 Apr 2021 14:27:23 +0800
+Subject: [PATCH] busybox: fix CVE-2021-28831
+
+backoprt from upstream:
+https://git.busybox.net/busybox/patch/?id=dbd3b883a891f076911d752f56f7a906d5650a17
+
+Signed-off-by: leizhongkai <leizhongkai@huawei.com>
+---
+ archival/libarchive/decompress_gunzip.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c
+index 7f9046b..3eeae76 100644
+--- a/archival/libarchive/decompress_gunzip.c
++++ b/archival/libarchive/decompress_gunzip.c
+@@ -222,10 +222,21 @@ static const uint8_t border[] ALIGN1 = {
+  * each table.
+  * t: table to free
+  */
++#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
++#define ERR_RET     ((huft_t*)(uintptr_t)1)
+ static void huft_free(huft_t *p)
+ {
+ 	huft_t *q;
+ 
++    /*
++     * If 'p' has the error bit set we have to clear it, otherwise we might run
++     * into a segmentation fault or an invalid pointer to free(p)
++     */
++    if (BAD_HUFT(p)) {
++        p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET));
++    }
++
++
+ 	/* Go through linked list, freeing from the malloced (t[-1]) address. */
+ 	while (p) {
+ 		q = (--p)->v.t;
+-- 
+2.23.0
+
diff --git a/busybox.spec b/busybox.spec
index af5fe2c33fb3cf6b9918930ae55fd660047de9f6..520d74b46d99a6c1de92fd98a004907838b835f0 100644
--- a/busybox.spec
+++ b/busybox.spec
@@ -4,7 +4,7 @@
 %endif
 
 %if "%{!?RELEASE:1}"
-%define RELEASE 7
+%define RELEASE 8
 %endif
 
 Name: busybox
@@ -22,6 +22,7 @@ Source3: busybox-dynamic.config
 #backport
 Patch6000: backport-bugfix-remove-stime-calls.patch
 Patch6001: backport-CVE-2018-1000500.patch 
+Patch6002: backport-CVE-2021-28831.patch
 
 BuildRoot:      %_topdir/BUILDROOT
 #Dependency
@@ -97,6 +98,12 @@ install -m 644 docs/busybox.dynamic.1 $RPM_BUILD_ROOT/%{_mandir}/man1/busybox.1
 %{_mandir}/man1/busybox.petitboot.1.gz
 
 %changelog
+* Fri Apr 30 2021 caihaomin <caihaomin@huawei.com> - 1:1.31.1-8
+- Type:CVE
+- CVE:CVE-2021-28831
+- SUG:NA
+- DESC:fix CVE-2021-28831
+
 * Tue Feb 09 2021 xieliuhua <xieliuhua@huawei.com> - 1:1.31.1-7
 - Type:CVE
 - CVE:CVE-2018-1000500