diff --git a/backport-wb_sids2xids-build-state-idmap_doms-based-on-wb_parent_idmap_config.patch b/backport-wb_sids2xids-build-state-idmap_doms-based-on-wb_parent_idmap_config.patch
new file mode 100644
index 0000000000000000000000000000000000000000..c43c01da086926f8a0fe830fb6fe0f03f912ee47
--- /dev/null
+++ b/backport-wb_sids2xids-build-state-idmap_doms-based-on-wb_parent_idmap_config.patch
@@ -0,0 +1,41 @@
+From c55f4f37589130a0d8952489da175bbcf53f6748 Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Thu, 10 Sep 2020 17:13:14 +0200
+Subject: [PATCH] wb_sids2xids: build state->idmap_doms based on
+ wb_parent_idmap_config
+
+In future we'll try to avoid wb_lookupsids_send() and only call
+it if needed.
+
+The domain name passed should be only relevant to find the correct
+idmap backend, and these should all be available in
+wb_parent_idmap_config as it was created before the idmap child was forked.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
+
+Signed-off-by: Stefan Metzmacher <metze@samba.org>
+Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
+
+Signed-off-by: wangxiaomeng <wangxiaomeng@kylinos.cn>
+Subject: [PATCH] fix winbind coredump
+
+---
+ source3/winbindd/wb_sids2xids.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/source3/winbindd/wb_sids2xids.c b/source3/winbindd/wb_sids2xids.c
+index 29fb1cd..40c0235 100644
+--- a/source3/winbindd/wb_sids2xids.c
++++ b/source3/winbindd/wb_sids2xids.c
+@@ -157,7 +157,7 @@ static void wb_sids2xids_idmap_setup_done(struct tevent_req *subreq)
+ 	 * with non cached entries
+ 	 */
+ 	for (i=0; i<state->num_sids; i++) {
+-		struct wbint_TransID *t = &state->ids.ids[i];
++		struct wbint_TransID *t = &state->all_ids.ids[i];
+ 		struct dom_sid domain_sid;
+ 		const char *domain_name = NULL;
+ 		int domain_index;
+-- 
+2.33.0
+
diff --git a/backport-wb_sids2xids-maintain-struct-wbint_TransIDArray-all_ids-as-cache.patch b/backport-wb_sids2xids-maintain-struct-wbint_TransIDArray-all_ids-as-cache.patch
new file mode 100644
index 0000000000000000000000000000000000000000..bc30a3726552e69e5a1501c4a21e659df31eda1f
--- /dev/null
+++ b/backport-wb_sids2xids-maintain-struct-wbint_TransIDArray-all_ids-as-cache.patch
@@ -0,0 +1,122 @@
+From 04956350a5725325954b2caba662ecd6dace7829 Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Thu, 10 Sep 2020 16:45:03 +0200
+Subject: [PATCH] wb_sids2xids: maintain struct wbint_TransIDArray all_ids as
+ cache
+
+Entries with domain_index == UINT32_MAX are valid cache entries.
+
+In the following commits we'll fill in missing entries step by step
+until all entries are marked as filled.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14539
+
+Signed-off-by: Stefan Metzmacher <metze@samba.org>
+Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
+---
+ source3/winbindd/wb_sids2xids.c | 49 ++++++++++++++++++++++++++++-----
+ 1 file changed, 42 insertions(+), 7 deletions(-)
+
+diff --git a/source3/winbindd/wb_sids2xids.c b/source3/winbindd/wb_sids2xids.c
+index 725fd857ef5d..770a7f0d8b00 100644
+--- a/source3/winbindd/wb_sids2xids.c
++++ b/source3/winbindd/wb_sids2xids.c
+@@ -34,7 +34,7 @@ struct wb_sids2xids_state {
+ 	struct dom_sid *sids;
+ 	uint32_t num_sids;
+ 
+-	struct id_map *cached;
++	struct wbint_TransIDArray all_ids;
+ 
+ 	struct dom_sid *non_cached;
+ 	uint32_t num_non_cached;
+@@ -75,6 +75,7 @@ struct tevent_req *wb_sids2xids_send(TALLOC_CTX *mem_ctx,
+ 	struct tevent_req *req, *subreq;
+ 	struct wb_sids2xids_state *state;
+ 	uint32_t i;
++	uint32_t num_valid = 0;
+ 
+ 	req = tevent_req_create(mem_ctx, &state,
+ 				struct wb_sids2xids_state);
+@@ -95,8 +96,9 @@ struct tevent_req *wb_sids2xids_send(TALLOC_CTX *mem_ctx,
+ 		sid_copy(&state->sids[i], &sids[i]);
+ 	}
+ 
+-	state->cached = talloc_zero_array(state, struct id_map, num_sids);
+-	if (tevent_req_nomem(state->cached, req)) {
++	state->all_ids.num_ids = num_sids;
++	state->all_ids.ids = talloc_zero_array(state, struct wbint_TransID, num_sids);
++	if (tevent_req_nomem(state->all_ids.ids, req)) {
+ 		return tevent_req_post(req, ev);
+ 	}
+ 
+@@ -111,20 +113,53 @@ struct tevent_req *wb_sids2xids_send(TALLOC_CTX *mem_ctx,
+ 	 * the same index.
+ 	 */
+ 	for (i=0; i<state->num_sids; i++) {
++		struct wbint_TransID *cur_id = &state->all_ids.ids[i];
++		struct dom_sid domain_sid;
+ 		struct dom_sid_buf buf;
++		struct id_map map = { .status = ID_UNMAPPED, };
++		uint32_t rid = 0;
++		bool in_cache;
++
++		sid_copy(&domain_sid, &state->sids[i]);
++		sid_split_rid(&domain_sid, &rid);
++
++		/*
++		 * Start with an invalid entry.
++		 */
++		*cur_id = (struct wbint_TransID) {
++			.type = ID_TYPE_NOT_SPECIFIED,
++			.domain_index = UINT32_MAX - 1, /* invalid */
++			.rid = rid,
++			.xid = {
++				.id = UINT32_MAX,
++				.type = ID_TYPE_NOT_SPECIFIED,
++			},
++		};
+ 
+ 		DEBUG(10, ("SID %d: %s\n", (int)i,
+ 			   dom_sid_str_buf(&state->sids[i], &buf)));
+ 
+-		if (wb_sids2xids_in_cache(&state->sids[i], &state->cached[i])) {
++		in_cache = wb_sids2xids_in_cache(&state->sids[i], &map);
++		if (in_cache) {
++			/*
++			 * We used to ignore map.status and just rely
++			 * on map.xid.type.
++			 *
++			 * Lets keep this logic for now...
++			 */
++
++			cur_id->xid = map.xid;
++			cur_id->domain_index = UINT32_MAX; /* this marks it as filled entry */
++			num_valid += 1;
+ 			continue;
+ 		}
++
+ 		sid_copy(&state->non_cached[state->num_non_cached],
+ 			 &state->sids[i]);
+ 		state->num_non_cached += 1;
+ 	}
+ 
+-	if (state->num_non_cached == 0) {
++	if (num_valid == num_sids) {
+ 		tevent_req_done(req);
+ 		return tevent_req_post(req, ev);
+ 	}
+@@ -453,8 +488,8 @@ NTSTATUS wb_sids2xids_recv(struct tevent_req *req,
+ 
+ 		xid.id = UINT32_MAX;
+ 
+-		if (state->cached[i].sid != NULL) {
+-			xid = state->cached[i].xid;
++		if (state->all_ids.ids[i].domain_index == UINT32_MAX) {
++			xid = state->all_ids.ids[i].xid;
+ 		} else {
+ 			xid = state->ids.ids[num_non_cached].xid;
+ 
+-- 
+GitLab
+
diff --git a/samba.spec b/samba.spec
index 435c3dca5756d92207f3587f700708dd8b3e84f6..e75092cd896aeceb294733d9a13a87414d755e9e 100644
--- a/samba.spec
+++ b/samba.spec
@@ -50,7 +50,7 @@
 
 Name:           samba
 Version:        4.11.12
-Release:        35
+Release:        36
 
 Summary:        A suite for Linux to interoperate with Windows
 License:        GPLv3+ and LGPLv3+
@@ -356,6 +356,8 @@ Patch6425:       backport-0004-CVE-2018-14628.patch
 Patch6426:       backport-0005-CVE-2018-14628.patch
 Patch6427:       backport-0006-CVE-2018-14628.patch
 Patch6428:       remove-sensitive-info.patch
+Patch6429:       backport-wb_sids2xids-build-state-idmap_doms-based-on-wb_parent_idmap_config.patch
+Patch6430:       backport-wb_sids2xids-maintain-struct-wbint_TransIDArray-all_ids-as-cache.patch
 
 
 BuildRequires: avahi-devel cups-devel dbus-devel docbook-style-xsl e2fsprogs-devel gawk gnupg2 gnutls-devel >= 3.4.7 gpgme-devel
@@ -3414,6 +3416,12 @@ fi
 %{_mandir}/man*
 
 %changelog
+* Fri Mar 14 2025 wangxiaomeng <wangxiaomeng@kylinos.cn> - 4.11.12-36
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix winbindd coredump
+
 * Fri Jan 19 2024 xinghe <xinghe2@h-partners.com> - 4.11.12-35
 - Type:bugfix
 - ID:NA