diff --git a/SPECS/crash/CVE-2025-11083.patch b/SPECS/crash/CVE-2025-11083.patch
new file mode 100644
index 00000000000..6954a4e8edd
--- /dev/null
+++ b/SPECS/crash/CVE-2025-11083.patch
@@ -0,0 +1,41 @@
+From 765af918a21fe63e91d2120d777e5cf018fd2781 Mon Sep 17 00:00:00 2001
+From: AllSpark
+Date: Tue, 5 May 2026 12:39:58 +0000
+Subject: [PATCH] elf: Avoid matching corrupt section header when reading ELF64
+ extended numbering.\n\nDetect a section header that extends past end of file
+ and reject it to avoid later crashes.\n\n\tPR ld/33457\n\t* netdump.c
+ (resize_elf_header): After reading the first section header when e_phnum ==
+ PN_XNUM, check that sh_offset+sh_size does not exceed the file size. If it
+ does, warn and fail.\n\nSigned-off-by: H.J. Lu
+
+Signed-off-by: Azure Linux Security Servicing Account
+Upstream-reference: AI Backport of https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=9ca499644a21ceb3f946d1c179c38a83be084490
+---
+ netdump.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/netdump.c b/netdump.c
+index c7ff009..da557bd 100644
+--- a/netdump.c
++++ b/netdump.c
+@@ -556,6 +556,17 @@ resize_elf_header(int fd, char *file, char **eheader_ptr, char **sect0_ptr,
+ perror(buf);
+ return 0;
+ }
++ /* PR ld/33457: Don't match corrupt section header. */
++ {
++ struct stat64 st;
++ if (fstat64(fd, &st) == 0) {
++ unsigned long long end = (unsigned long long)shdr64->sh_offset + (unsigned long long)shdr64->sh_size;
++ if (end > (unsigned long long)st.st_size) {
++ fprintf(stderr, "warning: %s has a section extending past end of file\n", file);
++ return 0;
++ }
++ }
++ }
+ }
+ num_pt_load_segments = shdr64->sh_info - 1;
+ *sect0_ptr = (char *)shdr64;
+--
+2.45.4
+
diff --git a/SPECS/crash/crash.spec b/SPECS/crash/crash.spec
index df99f6c7c95..5fa86dcd381 100644
--- a/SPECS/crash/crash.spec
+++ b/SPECS/crash/crash.spec
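Review bot: The bound check added to resize_elf_header in CVE-2025-11083.patch can be defeated by wraparound, because `sh_offset + sh_size` is summed in 64 bits from two file-controlled fields before the result is compared with `st.st_size`. Compare without adding, with `size` taken from `st.st_size`: `if (shdr64->sh_offset > size || shdr64->sh_size > size - shdr64->sh_offset)`. The check is also skipped silently when `fstat64()` fails, so the new guard fails open; returning 0 there, as the `perror(buf); return 0;` branch just above does, would keep the rejection path closed. Separately, the Upstream-reference trailer names a binutils-gdb commit while the embedded patch changes only crash's own netdump.c, so the bfd code in the bundled gdb (the spec sets `gdb_version 16.2`) appears to be left as it was; it is worth confirming that the code the CVE actually affects is covered. resize_elf_header starts and ends outside the hunk.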
@@ -1,7 +1,7 @@ %global gdb_version 16.2 Name: crash Version: 9.0.0 -Release: 2%{?dist} +Release: 3%{?dist} Summary: kernel crash analysis utility for live systems, netdump, diskdump, kdump, LKCD or mcore dumpfiles Group: Development/Tools Vendor: Microsoft Corporation @@ -23,6 +23,7 @@ Patch0: lzo_snappy_zstd.patch Patch100: CVE-2022-37434.patch Patch101: CVE-2025-11082.patch Patch102: CVE-2026-4647.patch +Patch103: CVE-2025-11083.patch License: GPLv3+ BuildRequires: binutils @@ -122,6 +123,9 @@ cp -p defs.h %{buildroot}%{_includedir}/crash %endif %changelog +* Tue May 05 2026 Azure Linux Security Servicing Account - 9.0.0-3 +- Patch for CVE-2025-11083 + * Thu Apr 02 2026 Azure Linux Security Servicing Account - 9.0.0-2 - Patch for CVE-2026-4647