diff --git a/backport-IF-MIB-Add-a-trailing-newline-to-an-error-message.patch b/backport-IF-MIB-Add-a-trailing-newline-to-an-error-message.patch
new file mode 100644
index 0000000000000000000000000000000000000000..78976e32b5772e05367fa58d7ce0a234fd6916f9
--- /dev/null
+++ b/backport-IF-MIB-Add-a-trailing-newline-to-an-error-message.patch
@@ -0,0 +1,26 @@
+From 2cd0e7d72a76ba27a18315b9ae67e6ed6d2c464a Mon Sep 17 00:00:00 2001
+From: Bart Van Assche
+Date: Mon, 9 Aug 2021 13:38:36 -0700
+Subject: [PATCH] IF-MIB: Add a trailing newline to an error message
+
+Fixes: 8bb544fbd2d6 ("Linux: IF-MIB: Fix a memory leak")
+---
+ agent/mibgroup/if-mib/data_access/interface_linux.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c
+index e56cadf46..5322ee937 100644
+--- a/agent/mibgroup/if-mib/data_access/interface_linux.c
++++ b/agent/mibgroup/if-mib/data_access/interface_linux.c
+@@ -927,7 +927,7 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ netsnmp_interface_entry *existing =
+ CONTAINER_FIND(container, entry);
+ NETSNMP_LOGONCE((LOG_WARNING,
+- "Encountered interface with index %" NETSNMP_PRIz "u twice: %s <> %s",
++ "Encountered interface with index %" NETSNMP_PRIz "u twice: %s <> %s\n",
+ entry->index, existing ? existing->name : "(?)",
+ entry->name));
+ netsnmp_access_interface_entry_free(entry);
+--
+2.33.0
+
diff --git a/backport-IF-MIB-Fix-a-recently-introduced-use-after-free.patch b/backport-IF-MIB-Fix-a-recently-introduced-use-after-free.patch
new file mode 100644
index 0000000000000000000000000000000000000000..86e56d9794ba02783be6f763c1ecd7c3f32014da
--- /dev/null
+++ b/backport-IF-MIB-Fix-a-recently-introduced-use-after-free.patch
@@ -0,0 +1,54 @@
+From d4b58c60367a262d829eb33e7888d28cd4337481 Mon Sep 17 00:00:00 2001
+From: Bart Van Assche
+Date: Thu, 5 Aug 2021 18:56:50 -0700
+Subject: [PATCH] IF-MIB: Fix a recently introduced use-after-free
+
+Do not free the netsnmp_interface_entry corresponding to the previous line
+from /proc/dev/net if an interface disappeared. Additionally, reduce the
+scope of the 'entry' variable.
+
+Fixes: 600c54135b10 ("IF-MIB, IP-FORWARD-MIB: Improve robustness")
+---
+ agent/mibgroup/if-mib/data_access/interface_linux.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c
+index 9d9b2ceb3..ea7389682 100644
+--- a/agent/mibgroup/if-mib/data_access/interface_linux.c
++++ b/agent/mibgroup/if-mib/data_access/interface_linux.c
+@@ -609,7 +609,6 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ {
+ FILE *devin;
+ char line[256];
+- netsnmp_interface_entry *entry = NULL;
+ static char scan_expected = 0;
+ int fd;
+ int interfaces = 0;
+@@ -690,6 +689,7 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ * and retrieve (or create) the corresponding data structure.
+ */
+ while (fgets(line, sizeof(line), devin)) {
++ netsnmp_interface_entry *entry = NULL;
+ char *stats, *ifstart = line;
+ u_int flags;
+ oid if_index;
+@@ -738,7 +738,7 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ if (if_index == 0) {
+ DEBUGMSGTL(("access:interface", "network interface %s is gone",
+ ifstart));
+- goto free_entry;
++ continue;
+ }
+ #ifdef NETSNMP_ENABLE_IPV6
+ _arch_interface_has_ipv6(if_index, &flags, addr_container);
+@@ -933,7 +933,6 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ "Encountered interface with index %" NETSNMP_PRIz "u twice: %s <> %s",
+ entry->index, existing ? existing->name : "(?)",
+ entry->name));
+-free_entry:
+ netsnmp_access_interface_entry_free(entry);
+ }
+ }
+--
+2.33.0
+
diff --git a/backport-IF-MIB-IP-FORWARD-MIB-Improve-robustness.patch b/backport-IF-MIB-IP-FORWARD-MIB-Improve-robustness.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ea36f9a8822a37caf674044143186ae4b543433d
--- /dev/null
+++ b/backport-IF-MIB-IP-FORWARD-MIB-Improve-robustness.patch
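Review bot: The new `continue` in the `if (if_index == 0)` branch should carry a one-line comment saying why nothing is freed there, for example `/* no entry has been allocated for this line yet, so there is nothing to free */`. The description explains that the removed `goto free_entry` released the entry belonging to the previous line, but the code itself no longer records that, and the next error path added to this loop could easily reach for a shared cleanup label again. Declaring `entry` inside the `while` body with a `NULL` initializer is the right scope. The loop body and the function both extend beyond the hunks shown, so other early exits between the declaration and the allocation cannot be checked from here.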
@@ -0,0 +1,80 @@
+From 600c54135b1015d56070f702d878772dd9f0d51e Mon Sep 17 00:00:00 2001
+From: Bart Van Assche
+Date: Mon, 2 Aug 2021 19:04:31 -0700
+Subject: [PATCH] IF-MIB, IP-FORWARD-MIB: Improve robustness
+
+It can happen that a network interface disappears after scanning has started
+and before netsnmp_arch_interface_index_find() or another query function is
+called. If that happens, ignore the network interface silently.
+---
+ agent/mibgroup/if-mib/data_access/interface_linux.c | 7 ++++++-
+ .../mibgroup/ip-forward-mib/data_access/route_linux.c | 11 ++++++-----
+ 2 files changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c
+index 215b30e80..7e4a35130 100644
+--- a/agent/mibgroup/if-mib/data_access/interface_linux.c
++++ b/agent/mibgroup/if-mib/data_access/interface_linux.c
+@@ -734,7 +734,11 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ * knows a better way, put it here!
+ */
+ if_index = netsnmp_arch_interface_index_find(ifstart);
+- netsnmp_assert(if_index != 0);
++ if (if_index == 0) {
++ DEBUGMSGTL(("access:interface", "network interface %s is gone",
++ ifstart));
++ goto free_entry;
++ }
+ #ifdef NETSNMP_ENABLE_IPV6
+ _arch_interface_has_ipv6(if_index, &flags, addr_container);
+ #endif
+@@ -928,6 +932,7 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ "Encountered interface with index %" NETSNMP_PRIz "u twice: %s <> %s",
+ entry->index, existing ? existing->name : "(?)",
+ entry->name));
++free_entry:
+ netsnmp_access_interface_entry_free(entry);
+ }
+ }
+diff --git a/agent/mibgroup/ip-forward-mib/data_access/route_linux.c b/agent/mibgroup/ip-forward-mib/data_access/route_linux.c
+index 956e127c9..9b6a63ead 100644
+--- a/agent/mibgroup/ip-forward-mib/data_access/route_linux.c
++++ b/agent/mibgroup/ip-forward-mib/data_access/route_linux.c
+@@ -97,9 +97,7 @@ _load_ipv4(netsnmp_container* container, u_long *index )
+ snmp_log(LOG_ERR,
+ "/proc/net/route data format error (%d!=8), line ==|%s|",
+ rc, line);
+-
+- netsnmp_access_route_entry_free(entry);
+- continue;
++ goto free_entry;
+ }
+
+ /*
+@@ -114,9 +112,12 @@ _load_ipv4(netsnmp_container* container, u_long *index )
+ * but since that will open/close a socket, and we might
+ * have a lot of routes, call the ioctl routine directly.
+ */
+- if ('*' != name[0])
++ if ('*' != name[0]) {
+ entry->if_index =
+ netsnmp_access_interface_ioctl_ifindex_get(fd,name);
++ if (entry->if_index == 0)
++ goto free_entry;
++ }
+
+ /*
+ * arbitrary index
+@@ -186,8 +187,8 @@ _load_ipv4(netsnmp_container* container, u_long *index )
+ if (CONTAINER_INSERT(container, entry) < 0)
+ {
+ DEBUGMSGTL(("access:route:container", "error with route_entry: insert into container failed.\n"));
++free_entry:
+ netsnmp_access_route_entry_free(entry);
+- continue;
+ }
+ }
+
+--
+2.33.0
+
diff --git a/backport-Linux-IF-MIB-Fix-a-memory-leak.patch b/backport-Linux-IF-MIB-Fix-a-memory-leak.patch
new file mode 100644
index 0000000000000000000000000000000000000000..44bdc09d1ad8e8b8d4eddadd0f45f0fbb6e371b5
--- /dev/null
+++ b/backport-Linux-IF-MIB-Fix-a-memory-leak.patch
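Review bot: The `DEBUGMSGTL` added to interface_linux.c has no trailing newline, unlike the existing `DEBUGMSGTL` in route_linux.c, and neither later patch in this series adds one (the last one only fixes the `NETSNMP_LOGONCE` string); the format should read `"network interface %s is gone\n"`. In route_linux.c the new `free_entry:` label sits inside the body of `if (CONTAINER_INSERT(container, entry) < 0)`, so both `goto free_entry` sites jump into a conditional block. That is legal C but easy to misread, and a comment at the label such as `/* also reached by goto: malformed row or interface gone */` would make the shared cleanup explicit. Both functions start and end outside the hunks shown.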
@@ -0,0 +1,37 @@
+From 8bb544fbd2d6986a9b73d3fab49235a4baa96c23 Mon Sep 17 00:00:00 2001
+From: Bart Van Assche
+Date: Sat, 31 Jul 2021 16:21:16 -0700
+Subject: [PATCH] Linux: IF-MIB: Fix a memory leak
+
+The Linux kernel regenerates proc files in their entirety every time a 4 KiB
+boundary is crossed. This can result in reading the same network interface
+twice if network information changes while it is being read. Fix a memory
+leak that can be triggered if /proc/net/dev changes while being read.
+---
+ agent/mibgroup/if-mib/data_access/interface_linux.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c
+index e99360a21..215b30e80 100644
+--- a/agent/mibgroup/if-mib/data_access/interface_linux.c
++++ b/agent/mibgroup/if-mib/data_access/interface_linux.c
+@@ -921,7 +921,15 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
+ /*
+ * add to container
+ */
+- CONTAINER_INSERT(container, entry);
++ if (CONTAINER_INSERT(container, entry) != 0) {
++ netsnmp_interface_entry *existing =
++ CONTAINER_FIND(container, entry);
++ NETSNMP_LOGONCE((LOG_WARNING,
++ "Encountered interface with index %" NETSNMP_PRIz "u twice: %s <> %s",
++ entry->index, existing ? existing->name : "(?)",
++ entry->name));
++ netsnmp_access_interface_entry_free(entry);
++ }
+ }
+ #ifdef NETSNMP_ENABLE_IPV6
+ netsnmp_access_ipaddress_container_free(addr_container, 0);
+--
+2.33.0
+
diff --git a/backport-Linux-IF-MIB-Pass-the-network-interface-index-to-net.patch b/backport-Linux-IF-MIB-Pass-the-network-interface-index-to-net.patch
new file mode 100644
index 0000000000000000000000000000000000000000..4e4840fc0fabf1d99fd975365a18d7f27ea92f80
--- /dev/null
+++ b/backport-Linux-IF-MIB-Pass-the-network-interface-index-to-net.patch
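Review bot: The failure branch of `CONTAINER_INSERT` reports every failure as a duplicate, yet the `existing ? existing->name : "(?)"` fallback allows for `CONTAINER_FIND` returning NULL, which presumably means the insert failed for some reason other than a duplicate index. In that case the "twice" wording misleads, and since `NETSNMP_LOGONCE` appears to print only once, it may also use up the single report. Consider branching on `existing` and logging the other case on its own, e.g. `snmp_log(LOG_ERR, "failed to insert interface %s\n", entry->name);`. route_linux.c in this series tests `CONTAINER_INSERT(container, entry) < 0` while this code tests `!= 0`; using one form in both loaders would make them easier to compare. The enclosing loop starts outside the hunk.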
@@ -0,0 +1,40 @@ +From 8da919e4ad66dec376f54a6d2f7dd7a7fe68b8f0 Mon Sep 17 00:00:00 2001 +From: Bart Van Assche +Date: Sat, 31 Jul 2021 16:01:11 -0700 +Subject: [PATCH] Linux: IF-MIB: Pass the network interface index to + netsnmp_access_interface_entry_create() + +Instead of letting netsnmp_access_interface_entry_create() call +netsnmp_arch_interface_index_find() a second time, pass the network interface +index to that function. +--- + agent/mibgroup/if-mib/data_access/interface_linux.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c +index 9c96eb92d..e99360a21 100644 +--- a/agent/mibgroup/if-mib/data_access/interface_linux.c ++++ b/agent/mibgroup/if-mib/data_access/interface_linux.c +@@ -733,8 +733,9 @@ netsnmp_arch_interface_container_load(netsnmp_container* container, + * ip version is to look for ip addresses. If anyone + * knows a better way, put it here! + */ +-#ifdef NETSNMP_ENABLE_IPV6 + if_index = netsnmp_arch_interface_index_find(ifstart); ++ netsnmp_assert(if_index != 0); ++#ifdef NETSNMP_ENABLE_IPV6 + _arch_interface_has_ipv6(if_index, &flags, addr_container); + #endif + netsnmp_access_interface_ioctl_has_ipv4(fd, ifstart, 0, &flags, &ifc); +@@ -752,7 +753,7 @@ netsnmp_arch_interface_container_load(netsnmp_container* container, + continue; + } + +- entry = netsnmp_access_interface_entry_create(ifstart, 0); ++ entry = netsnmp_access_interface_entry_create(ifstart, if_index); + if(NULL == entry) { + #ifdef NETSNMP_ENABLE_IPV6 + netsnmp_access_ipaddress_container_free(addr_container, 0); +-- +2.33.0 + diff --git a/net-snmp.spec b/net-snmp.spec index 608849a099a150ffb2aab52f6583f34806871cb4..c430f33a40ac31dd61c3ef1dc8166f542f0035ad 100644 --- a/net-snmp.spec +++ b/net-snmp.spec @@ -3,7 +3,7 @@ Name: net-snmp Version: 5.9.1 -Release: 3 +Release: 4 Epoch: 1 Summary: SNMP Daemon License: BSD 
@@ -49,6 +49,11 @@ Patch32: backport-Python-Fix-snmpwalk-with-UseNumeric-1.patch Patch33: backport-net-snmp-5.9.1-autoconf.patch Patch34: backport-0001-CVE-2022-24805-24806-24807-24808-24809-24810.patch Patch35: backport-0002-CVE-2022-24805-24806-24807-24808-24809-24810.patch +Patch36: backport-Linux-IF-MIB-Pass-the-network-interface-index-to-net.patch +Patch37: backport-Linux-IF-MIB-Fix-a-memory-leak.patch +Patch38: backport-IF-MIB-IP-FORWARD-MIB-Improve-robustness.patch +Patch39: backport-IF-MIB-Fix-a-recently-introduced-use-after-free.patch +Patch40: backport-IF-MIB-Add-a-trailing-newline-to-an-error-message.patch %{?systemd_requires} BuildRequires: systemd gcc openssl-devel bzip2-devel elfutils-devel libselinux-devel @@ -328,6 +333,16 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test %{_mandir}/man1/fixproc* %changelog +* Fri Sep 30 2022 xingwei - 1:5.9.1-4 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC: IF-MIB, IP-FORWARD-MIB: Improve robustness + IF-MIB: pass the network interface index to net + IF-MIB: fix a memory leak + IF-MIB: fix a recently introduced use after free + IF-MIB: add a trailing newline to an error message + * Sat Aug 27 2022 gaihuiying - 1:5.9.1-3 - Type:CVE - CVE:CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809 CVE-2022-24810
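Review bot: Patch38 and Patch39 are not independent, and the patch list does not say so. Per Patch39's own description, the `goto free_entry` added by Patch38 frees the entry that belongs to the previous line, so a tree carrying Patch38 without Patch39 has a use-after-free in `netsnmp_arch_interface_container_load()`. Patch37 and Patch40 are linked the same way (`Fixes: 8bb544fbd2d6`), though only a log newline is at stake there. A comment above the block, e.g. `# Patch38 must not be applied without Patch39 (use-after-free fix)`, would keep a later rebase or cherry-pick from separating them.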