diff --git a/SOURCES/binutils-coffgen-buffer-overrun.patch b/SOURCES/binutils-coffgen-buffer-overrun.patch
new file mode 100644
index 0000000..88f46c7
--- /dev/null
+++ b/SOURCES/binutils-coffgen-buffer-overrun.patch
@@ -0,0 +1,14 @@
+--- binutils.orig/bfd/coffgen.c	2022-04-25 13:43:52.724745386 +0100
++++ binutils-2.30/bfd/coffgen.c	2022-04-25 13:46:39.583596137 +0100
+@@ -1838,10 +1838,7 @@ coff_get_normalized_symtab (bfd *abfd)
+       internal_ptr->is_sym = TRUE;
+ 
+       /* PR 17512: file: 1353-1166-0.004.  */
+-      if (symbol_ptr->u.syment.n_sclass == C_FILE
+-	  && symbol_ptr->u.syment.n_numaux > 0
+-	  && raw_src + symesz + symbol_ptr->u.syment.n_numaux
+-	  * symesz > raw_end)
++      if (symbol_ptr->u.syment.n_numaux > ((raw_end - 1) - raw_src) / symesz)
+ 	{
+ 	  bfd_release (abfd, internal);
+ 	  return NULL;
diff --git a/SPECS/binutils.spec b/SPECS/binutils.spec
index e08853b..89119a1 100644
--- a/SPECS/binutils.spec
+++ b/SPECS/binutils.spec
@@ -43,7 +43,7 @@
 Summary: A GNU collection of binary utilities
 Name: binutils%{?name_cross}%{?_with_debug:-debug}
 Version: 2.30
-Release: 116%{?dist}
+Release: 117%{?dist}
 License: GPLv3+
 URL: https://sourceware.org/binutils
 
@@ -623,6 +623,10 @@ Patch99: binutils-aarch64-rng.patch
 # Lifetime: Fixed in 2.39
 Patch100: binutils-s390-z16.patch
 
+# Purpose:  Fix a potential buffer overrun in the BFD library.
+# Lifetime: Fixed in 2.35
+Patch101: binutils-coffgen-buffer-overrun.patch
+
 #----------------------------------------------------------------------------
 
 Provides: bundled(libiberty)
@@ -860,6 +864,7 @@ using libelf instead of BFD.
 %patch98 -p1
 %patch99 -p1
 %patch100 -p1
+%patch101 -p1
 
 # We cannot run autotools as there is an exact requirement of autoconf-2.59.
 # FIXME - this is no longer true.  Maybe try reinstating autotool use ?
@@ -1309,6 +1314,9 @@ exit 0
 
 #----------------------------------------------------------------------------
 %changelog
+* Mon Apr 25 2022 Nick Clifton  <nickc@redhat.com> - 2.30-117
+- Fix a potential buffer overrun in the BFD library's PE handling code.  (#2076973)
+
 * Mon Apr 11 2022 Nick Clifton  <nickc@redhat.com> - 2.30-116
 - Allow z16 to be used as an alias for the s390 architecture's arch14 extensions.  (#2073384)