diff --git a/backport-CVE-2024-57970.patch b/backport-CVE-2024-57970.patch
new file mode 100644
index 0000000000000000000000000000000000000000..61e5e9f59ab4904c54f398d65b825263519a575c
--- /dev/null
+++ b/backport-CVE-2024-57970.patch
@@ -0,0 +1,34 @@
+From 82912103214506316bd9990d73f33d743d55f570 Mon Sep 17 00:00:00 2001
+From: Tim Kientzle
+Date: Mon, 9 Dec 2024 21:09:29 -0800
+Subject: [PATCH] Handle truncation in the middle of a GNU long linkname
+ (#2422)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Thanks to gbdngb12 김동건 for reporting this.
+
+Resolves Issue #2415
+---
+ libarchive/archive_read_support_format_tar.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c
+index ecaf6c3..2c7ec59 100644
+--- a/libarchive/archive_read_support_format_tar.c
++++ b/libarchive/archive_read_support_format_tar.c
+@@ -1145,7 +1145,9 @@ header_gnu_longlink(struct archive_read *a, struct tar *tar,
+ struct archive_string linkpath;
+ archive_string_init(&linkpath);
+ err = read_body_to_string(a, tar, &linkpath, h, unconsumed);
+- archive_entry_set_link(entry, linkpath.s);
++ if (err == ARCHIVE_OK) {
++ archive_entry_set_link(entry, linkpath.s);
++ }
+ archive_string_free(&linkpath);
+ return (err);
+ }
+--
+2.46.0
+
diff --git a/libarchive.spec b/libarchive.spec
index 1bff6892834d04be04db92fbce24b30cf675bbdc..adca0d4fd052b4fdd7626e55689b9f5685284dd1 100644
--- a/libarchive.spec
+++ b/libarchive.spec
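Review bot: The guard in the backported hunk keeps archive_entry_set_link() from consuming linkpath.s when read_body_to_string() did not return ARCHIVE_OK, but the hunk shows nothing about how the caller that dispatches GNU long-link headers treats the non-OK err it now receives unchanged via `return (err);`, so the fix only holds if that caller stops on the propagated status rather than continuing to parse the entry; header_gnu_longlink begins before this hunk, so that path is not visible here. The upstream diffstat lists a single source file and no test, so the backport carries no regression coverage for an archive truncated inside the long-linkname body; a fixture for that case run through `run_testsuite` would pin the behaviour in this package. The `+ struct`/`+ archive_string_init` context lines appear with their original tab indentation collapsed to a space, which is cosmetic for a context line but worth checking does not affect the patch applying cleanly.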
@@ -2,12 +2,14 @@
 Name: libarchive
 Version: 3.7.7
-Release: 1
+Release: 2
 Summary: Multi-format archive and compression library
 License: BSD-2-Clause
 URL: https://www.libarchive.org/
 Source0: https://github.com/libarchive/libarchive/releases/download/v%{version}/%{name}-%{version}.tar.xz
+Patch6000: backport-CVE-2024-57970.patch
+
 BuildRequires: gcc bison sharutils zlib-devel bzip2-devel xz-devel
 BuildRequires: e2fsprogs-devel libacl-devel libattr-devel
 BuildRequires: openssl-devel libxml2-devel lz4-devel libzstd-devel
@@ -187,6 +189,12 @@ run_testsuite %{_bindir}/bsdunzip
 %changelog
+* Mon Feb 17 2025 changtao - 3.7.7-2
+- Type:CVE
+- ID:CVE-2024-57970
+- SUG:NA
+- DESC:fix CVE-2024-57970
+
 * Sun Oct 13 2024 Funda Wang - 3.7.7-1
 - update to 3.7.7
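Review bot: `Patch6000: backport-CVE-2024-57970.patch` is declared in the first hunk but nothing in the diff shows it being applied; unless %prep uses `%autosetup -p1` (or an explicit `%patch` line for number 6000), the declaration is a no-op and the build ships without the fix that the changelog entry in the second hunk announces. The %prep section lies outside both hunks, so this needs confirming against the full spec. A comment above the tag such as `# upstream commit 82912103214506316bd9990d73f33d743d55f570 (libarchive PR #2422, issue #2415)` would make the backport's provenance checkable without opening the patch file.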