diff --git a/backport-Fix-crash-when-reloading-DHCP-config-on-SIGHUP.patch b/backport-Fix-crash-when-reloading-DHCP-config-on-SIGHUP.patch
new file mode 100644
index 0000000000000000000000000000000000000000..eb102cb2218614c203503a6170dfed4453ead81f
--- /dev/null
+++ b/backport-Fix-crash-when-reloading-DHCP-config-on-SIGHUP.patch
@@ -0,0 +1,50 @@
+From f006be7842104a9f86fbf419326b7aad08ade61d Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 4 Oct 2024 16:59:14 +0100
+Subject: [PATCH] Fix crash when reloading DHCP config on SIGHUP.
+ 
+ Confusion in the code to free old DHCP configuration when it's
+ being reloaded causes invalid pointers to be followed and a crash.
+ 
+ https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q4/017764.html
+ 
+ has a more complete explanation of the problem.
+ 
+Conflict:NA
+Reference:https://github.com/rhuijben/dnsmasq/commit/f006be7842104a9f86fbf419326b7aad08ade61d
+ 
+---
+ src/option.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+ 
+diff --git a/src/option.c b/src/option.c
+index f4ff7c0..ed0d9e1 100644
+--- a/src/option.c
++++ b/src/option.c
+@@ -1336,7 +1336,7 @@ static void dhcp_netid_free(struct dhcp_netid *nid)
+ 
+ /* Parse one or more tag:s before parameters.
+  * Moves arg to the end of tags. */
+-static struct dhcp_netid * dhcp_tags(char **arg)
++static struct dhcp_netid *dhcp_tags(char **arg)
+ {
+   struct dhcp_netid *id = NULL;
+ 
+@@ -1360,7 +1360,13 @@ static void dhcp_netid_list_free(struct dhcp_netid_list *netid)
+     {
+       struct dhcp_netid_list *tmplist = netid;
+       netid = netid->next;
+-      dhcp_netid_free(tmplist->list);
++      /* Note: don't use dhcp_netid_free() here, since that 
++	 frees a list linked on netid->next. Where a netid_list
++	 is used that's because the the ->next pointers in the
++	 netids are being used to temporarily construct 
++	 a list of valid tags. */
++      free(tmplist->list->net);
++      free(tmplist->list);
+       free(tmplist);
+     }
+ }
+-- 
+2.33.0
+
diff --git a/dnsmasq.spec b/dnsmasq.spec
index cef53debb0db3e92443a092e26b28fa7af3b60cf..507bac91b82a0088a05ad51545da9c0dac42a425 100644
--- a/dnsmasq.spec
+++ b/dnsmasq.spec
@@ -1,6 +1,6 @@
 Name:           dnsmasq
 Version:        2.86
-Release:        8
+Release:        9
 Summary:        Dnsmasq provides network infrastructure for small networks
 License:        GPLv2 or GPLv3
 URL:            http://www.thekelleys.org.uk/dnsmasq/
@@ -48,6 +48,7 @@ Patch37:        backport-Fix-massive-confusion-on-server-reload.patch
 Patch38:        backport-Fix-use-after-free-in-mark_servers.patch
 Patch39:        backport-Fix-memory-leak-when-using-dhcp-optsfile-with-DHCPv6.patch
 Patch40:        backport-CVE-2023-49441-Fix-standalone-SHA256-implementation.patch
+Patch41:        backport-Fix-crash-when-reloading-DHCP-config-on-SIGHUP.patch
 
 BuildRequires:  gcc
 BuildRequires:  dbus-devel pkgconfig libidn2-devel nettle-devel systemd
@@ -137,6 +138,12 @@ install -Dpm644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysusersdir}/dnsmasq.conf
 %{_mandir}/man8/dnsmasq*
 
 %changelog
+* Sat Oct 12 2024 huyizhen <huyizhen2@huawei.com> - 2.86-9
+- Type:bugfix
+- CVE:
+- SUG:NA
+- DESC:Fix crash when reloading DHCP config on SIGHUP
+
 * Tue Jun 11 2024 renmingshuai <renmingshuai@huawei.com> - 2.86-8
 - Type:CVE
 - Id:CVE-2023-49441