diff --git a/0007-backport-fix-CVE-2022-34038.patch b/0007-backport-fix-CVE-2022-34038.patch
new file mode 100644
index 0000000..07915a0
--- /dev/null
+++ b/0007-backport-fix-CVE-2022-34038.patch
@@ -0,0 +1,42 @@
+From 3d941cd2d0897d204a2f36fe70eb6011892461d9 Mon Sep 17 00:00:00 2001
+From: lvxiangcong <lvxiangcong@kylinos.cn>
+Date: Mon, 17 Feb 2025 10:19:48 +0800
+Subject: [PATCH] backport-fix-cve-2022-34038
+
+---
+ pkg/ioutil/pagewriter.go | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/pkg/ioutil/pagewriter.go b/pkg/ioutil/pagewriter.go
+index cf9a8dc..10d921d 100644
+--- a/pkg/ioutil/pagewriter.go
++++ b/pkg/ioutil/pagewriter.go
+@@ -16,6 +16,7 @@ package ioutil
+ 
+ import (
+ 	"io"
++	"fmt"
+ )
+ 
+ var defaultBufferBytes = 128 * 1024
+@@ -38,9 +39,17 @@ type PageWriter struct {
+ 	bufWatermarkBytes int
+ }
+ 
++// Assert will panic with a given formatted message if the given condition is false.
++func Assert(condition bool, msg string, v int) {
++       if !condition {
++               panic(fmt.Sprintf("assertion failed:" +msg, v))
++       }
++}
++
+ // NewPageWriter creates a new PageWriter. pageBytes is the number of bytes
+ // to write per page. pageOffset is the starting offset of io.Writer.
+ func NewPageWriter(w io.Writer, pageBytes, pageOffset int) *PageWriter {
++	Assert(pageBytes > 0, "pageBytes %d is an invalid value, it must be greater than 0", pageBytes)
+ 	return &PageWriter{
+ 		w:                 w,
+ 		pageOffset:        pageOffset,
+-- 
+2.46.0
+
diff --git a/etcd.spec b/etcd.spec
index 199a72d..7fef020 100644
--- a/etcd.spec
+++ b/etcd.spec
@@ -31,7 +31,7 @@ system.}
 %global gosupfiles      integration/fixtures/* etcdserver/api/v2http/testdata/*
 
 Name:           etcd
-Release:        9
+Release:        10
 Summary:        Distributed reliable key-value store for the most critical data of a distributed system
 
 # Upstream license specification: Apache-2.0
@@ -50,6 +50,7 @@ Patch3:		0003-etcd-3.4.14-sw.patch
 Patch4:         0004-backport-Suppress-noisy-basic-auth-token-deletion-log.patch
 Patch5:         0005-backport-fix-CVE-2022-3064.patch
 Patch6:         0006-backport-fix-CVE-2022-41723.patch
+Patch7:         0007-backport-fix-CVE-2022-34038.patch
 BuildRequires:  golang
 BuildRequires:  python3-devel
 %{?systemd_requires}
@@ -72,6 +73,7 @@ Requires(pre):  shadow-utils
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 # For compatibility
 cp -aR etcdserver/api/snap snap
 cp -aR etcdserver/api/membership etcdserver/membership
@@ -157,6 +159,12 @@ getent passwd %{name} >/dev/null || useradd -r -g %{name} -d %{_sharedstatedir}/
 %endif
 
 %changelog
+* Mon Feb 17 2025 lvxiangcong<lvxiangcong@kylinos.cn> - 3.4.14-10
+- Type:CVE
+- CVE:CVE-2022-34038
+- SUG:NA
+- DESC: backport fix CVE-2022-34038
+
 * Fri Feb 14 2025 lvxiangcong<lvxiangcong@kylinos.cn> - 3.4.14-9
 - Type:CVE
 - CVE:CVE-2022-41723