diff --git a/CVE-2022-41877.patch b/CVE-2022-41877.patch
new file mode 100644
index 0000000000000000000000000000000000000000..be2ac236b24145cff0104525fd8023c1514a4d47
--- /dev/null
+++ b/CVE-2022-41877.patch
@@ -0,0 +1,28 @@
+From bd6c659e14353608196ab79595bfe36330803a65 Mon Sep 17 00:00:00 2001
+From: qz_cx
+Date: Fri, 18 Nov 2022 06:33:20 +0800
+Subject: [PATCH] Fixed missing stream length check in
+ drive_file_query_directory
+
+(cherry picked from commit 4e4bb79)
+akallabeth committed
+---
+ channels/drive/client/drive_main.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/channels/drive/client/drive_main.c b/channels/drive/client/drive_main.c
+index 1b54225..168d86b 100644
+--- a/channels/drive/client/drive_main.c
++++ b/channels/drive/client/drive_main.c
+@@ -629,6 +629,8 @@ static UINT drive_process_irp_query_directory(DRIVE_DEVICE* drive, IRP* irp)
+ Stream_Read_UINT32(irp->input, PathLength);
+ Stream_Seek(irp->input, 23); /* Padding */
+ path = (WCHAR*)Stream_Pointer(irp->input);
++ if (!Stream_CheckAndLogRequiredLength(TAG, irp->input, PathLength))
++ return ERROR_INVALID_DATA;
+ file = drive_get_file_by_id(drive, irp->FileId);
+
+ if (file == NULL)
+--
+2.33.0
+
diff --git a/freerdp.spec b/freerdp.spec
index c1b3c034c31ffcf2db43c96d7e168a2a8e2cbec1..cf8d3ddf412fe52a4400d34f645b81ed445b255c 100644
--- a/freerdp.spec
+++ b/freerdp.spec
@@ -1,6 +1,6 @@
 Name: freerdp
 Version: 2.8.1
-Release: 1
+Release: 2
 Epoch: 2
 Summary: A Remote Desktop Protocol Implementation
 License: Apache-2.0
@@ -8,6 +8,7 @@ URL: http://www.freerdp.com
 Source0: https://github.com/FreeRDP/FreeRDP/archive/refs/tags/%{version}.tar.gz
 Patch0001: Fix-freerdp-shadow-cli-exit-codes-for-help-and-version.patch
+Patch0002: CVE-2022-41877.patch
 BuildRequires: gcc gcc-c++ alsa-lib-devel cmake >= 2.8 cups-devel gsm-devel libXrandr-devel libXv-devel
 BuildRequires: libjpeg-turbo-devel libjpeg-turbo-devel libX11-devel libXcursor-devel libxkbfile-devel
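Review bot: In the embedded drive_main.c hunk, the added `Stream_CheckAndLogRequiredLength(TAG, irp->input, PathLength)` bounds PathLength as a byte count while `path` is captured as a `WCHAR*`, and nothing visible records that distinction for later readers. I would add a comment above the check such as `/* PathLength is a byte count read from the request; path is not guaranteed to be NUL-terminated within it */`, and confirm that the code consuming `path` further down derives its character count from PathLength rather than scanning for a terminator. The body of drive_process_irp_query_directory starts and continues outside the hunk, so the reads of the fixed-size fields before `Stream_Seek(irp->input, 23)` could not be checked here and should be covered by their own length check.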
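Review bot: The line `Patch0002: CVE-2022-41877.patch` in the second freerdp.spec hunk only declares the patch, and the %prep section that would apply it is not part of this diff. Please confirm that %prep applies every listed patch (for example through `%autosetup -p1`, or an explicit `%patch` entry for 0002 if patches are applied one by one). If it does not, release 2:2.8.1-2 would carry a changelog entry claiming the CVE fix while building unpatched source. Checking the build log for the patch being applied is an inexpensive guard against that.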
@@ -137,6 +138,12 @@ echo "%{_libdir}/freerdp2" > %{buildroot}%{_sysconfdir}/ld.so.conf.d/%{name}-%{_
 %{_mandir}/*/*
 %changelog
+* Fri Nov 18 2022 qz_cx - 2:2.8.1-2
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC: fix CVE-2022-41877
+
 * Thu Oct 20 2022 jiangpeng - 2:2.8.1-1
 - Upgrade to 2.8.1
 - Fix CVE-2022-39282