diff --git a/CVE-2021-40633.patch b/CVE-2021-40633.patch
new file mode 100644
index 0000000000000000000000000000000000000000..80f10f0a42f8672999b23613e8e86de1a3999f52
--- /dev/null
+++ b/CVE-2021-40633.patch
@@ -0,0 +1,13 @@
+diff -urN giflib-5.2.1/gif2rgb.c giflib-5.2.1-bak/gif2rgb.c
+--- giflib-5.2.1/gif2rgb.c 2024-05-14 16:38:28.259385838 +0800
++++ giflib-5.2.1-bak/gif2rgb.c 2024-05-14 16:40:04.629090800 +0800
+@@ -498,6 +498,9 @@
+ ScreenBuffer,
+ GifFile->SWidth, GifFile->SHeight);
+
++ for (i = 0; i < GifFile->SHeight; i++) {
++ (void)free(ScreenBuffer[i]);
++ }
+ (void)free(ScreenBuffer);
+
+ if (DGifCloseFile(GifFile, &Error) == GIF_ERROR) {
diff --git a/giflib.spec b/giflib.spec
index 38d5b85c200e594408d70f44c03ada8b7a8ff453..e6fd49e5e15eee93ea340f7bef3444a60a6d2125 100644
--- a/giflib.spec
+++ b/giflib.spec
@@ -1,6 +1,6 @@
 Name: giflib
 Version: 5.2.1
-Release: 4
+Release: 5
 Summary: A library and utilities for processing GIFs
 License: MIT
 URL: http://www.sourceforge.net/projects/giflib/
@@ -11,6 +11,7 @@ Patch6002: giflib_coverity.patch
 Patch6003: giflib_html-docs-consistent-ids.patch
 Patch6004: CVE-2022-28506.patch
 Patch6005: CVE-2023-39742.patch
+Patch6006: CVE-2021-40633.patch
 
 BuildRequires: make xmlto gcc
 provides: giflib-utils = %{name}-%{version}
@@ -68,6 +69,9 @@ rm -f %{buildroot}%{_libdir}/libgif.a
 %{_bindir}/gif*
 
 %changelog
+* Tue May 14 2024 liwenjie - 5.2.1-5
+- Fix CVE-2021-40633
+
 * Fri Sep 15 2023 Funda Wang - 5.2.1-4
 - Fix CVE-2023-39742
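Review bot: The added loop in the gif2rgb.c hunk of CVE-2021-40633.patch frees `ScreenBuffer[i]` for every `i < GifFile->SHeight`, which is only safe if the rows were allocated with that same count and `SHeight` has not changed since; the allocation lies outside the hunk, so this should be confirmed against the full function. A one-line comment above the loop such as `/* free each row allocated per GifFile->SHeight before freeing the row table */` would record that pairing. The patch file also carries no origin header, so a line like `Upstream: <UPSTREAM_COMMIT_URL>` before the `diff -urN` line would let auditors compare this backport with the upstream fix. The enclosing function starts and ends outside the hunk.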