diff --git a/libarchive-3.1.2-CVE-2025-5914.patch b/libarchive-3.1.2-CVE-2025-5914.patch
new file mode 100644
index 0000000000000000000000000000000000000000..baedb1e82e8fbf3c160ce37d829eff7ae90a1ccb
--- /dev/null
+++ b/libarchive-3.1.2-CVE-2025-5914.patch
@@ -0,0 +1,36 @@
+From 1db9d27fe2bf9fdbac25334540327607a87ea762 Mon Sep 17 00:00:00 2001
+From: zhuhongbo
+Date: Wed, 3 Dec 2025 17:06:40 +0800
+Subject: [PATCH] fix cve CVE-2025-5914
+
+---
+ libarchive/archive_read_support_format_rar.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
+index 7765f27..525afd4 100644
+--- a/libarchive/archive_read_support_format_rar.c
++++ b/libarchive/archive_read_support_format_rar.c
+@@ -254,8 +254,8 @@ struct rar
+ int found_first_header;
+ char has_endarc_header;
+ struct data_block_offsets *dbo;
+- unsigned int cursor;
+- unsigned int nodes;
++ size_t cursor;
++ size_t nodes;
+ char filename_must_match;
+ 
+ /* LZSS members */
+@@ -1023,7 +1023,7 @@ archive_read_format_rar_seek_data(struct archive_read *a, int64_t offset,
+ int whence)
+ {
+ int64_t client_offset, ret;
+- unsigned int i;
++ size_t i;
+ struct rar *rar = (struct rar *)(a->format->data);
+ 
+ if (rar->compression_method == COMPRESS_METHOD_STORE)
+-- 
+2.39.3
+
diff --git a/libarchive.spec b/libarchive.spec
index b7d18764cf484348b5921462f9c51df0489fcd32..ea6dd085de53aa1d5c8994374d3c672706737582 100644
--- a/libarchive.spec
+++ b/libarchive.spec
@@ -1,6 +1,6 @@
 Name: libarchive
 Version: 3.1.2
-Release: 14%{?dist}
+Release: 14%{?dist}.1
 Summary: A library for handling streaming archive formats
 Group: System Environment/Libraries
 
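Review bot: The new file libarchive-3.1.2-CVE-2025-5914.patch carries only the subject `fix cve CVE-2025-5914`, with no description of the defect and no pointer to the upstream libarchive change it backports, so a later maintainer cannot check this backport against its origin. I would add a short body under the Subject line, for example `Widen the RAR data-block counters (cursor, nodes) and the seek loop index from unsigned int to size_t.` followed by `Upstream: <upstream commit URL>`, with the root-cause wording taken from the upstream advisory rather than guessed. Both inner hunks cut through their enclosing definitions (`struct rar` and `archive_read_format_rar_seek_data`), and the code that grows `rar->dbo` is not shown, so it is worth confirming in the 3.1.2 tree that no other local, comparison or format specifier still treats `cursor` or `nodes` as `unsigned int`; only `i` in the seek function is converted here. Since `size_t` is typically no wider than `unsigned int` on 32-bit targets, the change is presumably a no-op there, which the patch description should state if 32-bit builds are shipped.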
@@ -60,6 +60,7 @@ Patch27: libarchive-3.1.2-CVE-2019-1000020.patch Patch28: libarchive-3.3.2-CVE-2018-1000878.patch Patch29: libarchive-3.3.2-CVE-2018-1000877.patch Patch30: libarchive-3.2.1-CVE-2019-18408.patch +Patch31: libarchive-3.1.2-CVE-2025-5914.patch %description Libarchive is a programming library that can create and read several different @@ -134,7 +135,7 @@ libarchive packages. %patch28 -p1 -b .CVE-2019-1000878 %patch29 -p1 -b .CVE-2019-1000877 %patch30 -p1 -b .CVE-2019-18408 - +%patch31 -p1 -b .CVE-2025-5914 %build build/autogen.sh @@ -227,6 +228,9 @@ rm -rf $RPM_BUILD_ROOT %changelog + * Wed Dec 03 2025 zhuhongbo - 3.1.2-14.1 +- cve: fix cve CVE-2025-5914 + * Fri Jan 17 2020 Patrik Novotný - 3.1.2-14 - Fix patch application error