diff --git a/backport-CVE-2025-7345.patch b/backport-CVE-2025-7345.patch
new file mode 100644
index 0000000000000000000000000000000000000000..4d9da4f9f63c74341c5d324f6acbd1b7d869dc84
--- /dev/null
+++ b/backport-CVE-2025-7345.patch
@@ -0,0 +1,50 @@
+From 4af78023ce7d3b5e3cec422a59bb4f48fa4f5886 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen@redhat.com>
+Date: Fri, 11 Jul 2025 11:02:05 -0400
+Subject: [PATCH] jpeg: Be more careful with chunked icc data
+
+We we inadvertendly trusting the sequence numbers not to lie.
+If they do we would report a larger data size than we actually
+allocated, leading to out of bounds memory access in base64
+encoding later on.
+
+This has been assigned CVE-2025-7345.
+
+Fixes: #249
+---
+ gdk-pixbuf/io-jpeg.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/gdk-pixbuf/io-jpeg.c b/gdk-pixbuf/io-jpeg.c
+index 9cfd29718..103820c5a 100644
+--- a/gdk-pixbuf/io-jpeg.c
++++ b/gdk-pixbuf/io-jpeg.c
+@@ -359,6 +359,7 @@ jpeg_parse_exif_app2_segment (JpegExifContext *context, jpeg_saved_marker_ptr ma
+ 		context->icc_profile = g_new (gchar, chunk_size);
+ 		/* copy the segment data to the profile space */
+ 		memcpy (context->icc_profile, marker->data + 14, chunk_size);
++                ret = TRUE;
+ 		goto out;
+ 	}
+ 
+@@ -380,12 +381,15 @@ jpeg_parse_exif_app2_segment (JpegExifContext *context, jpeg_saved_marker_ptr ma
+ 	/* copy the segment data to the profile space */
+ 	memcpy (context->icc_profile + offset, marker->data + 14, chunk_size);
+ 
+-	/* it's now this big plus the new data we've just copied */
+-	context->icc_profile_size += chunk_size;
++        context->icc_profile_size = MAX (context->icc_profile_size, offset + chunk_size);
+ 
+ 	/* success */
+ 	ret = TRUE;
+ out:
++        if (!ret) {
++                g_free (context->icc_profile);
++                context->icc_profile = NULL;
++        }
+ 	return ret;
+ }
+ 
+-- 
+GitLab
+
diff --git a/gdk-pixbuf2.spec b/gdk-pixbuf2.spec
index 95c609911022157f6b2452e47b36472dc6c86049..4b0cd53f0c38f2c0f4d4565c4dae6a8a9cb674c1 100644
--- a/gdk-pixbuf2.spec
+++ b/gdk-pixbuf2.spec
@@ -2,7 +2,7 @@
 
 Name:           gdk-pixbuf2
 Version:        2.42.6
-Release:        8
+Release:        9
 Summary:        gdk is a multi-platform toolkit for creating graphical user interfaces.
 License:        LGPLv2+
 URL:            https://gitlab.gnome.org/GNOME/gdk-pixbuf
@@ -13,6 +13,7 @@ Patch6000:	backport-CVE-2021-46829.patch
 Patch6001:	backport-CVE-2021-44648.patch
 Patch6002:	backport-CVE-2022-48622.patch
 Patch6003:      backport-CVE-2025-6199.patch
+Patch6004:      backport-CVE-2025-7345.patch
 
 BuildRequires:  docbook-style-xsl
 BuildRequires:  gettext
@@ -132,6 +133,9 @@ gdk-pixbuf-query-loaders-%{__isa_bits} --update-cache
 %{_mandir}/man1/gdk-pixbuf-csource.1*
 
 %changelog
+* Mon Jul 14 2025 kouwenqi <kouwenqi@kylinos.cn> - 2.42.6-9
+- fix CVE-2025-7345
+
 * Wed Jun 18 2025 Funda Wang <fundawang@yeah.net> - 2.42.6-8
 - fix CVE-2025-6199