diff --git a/backport-Fix-potential-integer-overflow-in-parsednssl.patch b/backport-Fix-potential-integer-overflow-in-parsednssl.patch
new file mode 100644
index 0000000000000000000000000000000000000000..34538189d43aa01564b77aa70a60ee3a7daecd74
--- /dev/null
+++ b/backport-Fix-potential-integer-overflow-in-parsednssl.patch
@@ -0,0 +1,34 @@
+From fd9549c0fb0e1916ca553a1abbeebd48f608955d Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?David=20H=C3=A4rdeman?=
+Date: Sun, 11 Feb 2024 18:29:15 +0100
+Subject: [PATCH] Fix potential integer overflow in parsednssl()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+optlen is a uint8_t because the length field in the RA header is one octet
+(representing the length in units of 8 octets). Later optlen is multiplied by 8
+to represent the length in bytes, meaning that the variable can overflow.
+
+Signed-off-by: David Härdeman
+Signed-off-by: Rémi Denis-Courmont
+---
+ src/ndisc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ndisc.c b/src/ndisc.c
+index 1640794..b190b18 100644
+--- a/src/ndisc.c
++++ b/src/ndisc.c
+@@ -451,7 +451,7 @@ static int
+ parsednssl (const uint8_t *opt)
+ {
+ const uint8_t *base;
+- uint8_t optlen = opt[1];
++ uint16_t optlen = opt[1];
+ if (optlen < 2)
+ return -1;
+
+--
+2.34.1
+
diff --git a/ndisc6.spec b/ndisc6.spec
index 86f5d1ceba6c5d9d4a88bed990d7576e7751adaa..5659103c1cf98bbaa0af18185f7d5815edb8e67c 100644
--- a/ndisc6.spec
+++ b/ndisc6.spec
@@ -1,6 +1,6 @@
 Name: ndisc6
 Version: 1.0.7
-Release: 1
+Release: 2
 Summary: IPv6 diagnostic tools
 License: GPLv2 or GPLv3
 URL: http://www.remlab.net/ndisc6
@@ -8,6 +8,7 @@ Source0: http://www.remlab.net/files/ndisc6/%{name}-%{version}.tar.bz2
 Patch0: bugfix-add-self-mac-check.patch
 Patch1: bugfix-add-SO_BINDTODEVICE.patch
+Patch2: backport-Fix-potential-integer-overflow-in-parsednssl.patch
 BuildRequires: gcc perl-generators
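Review bot: The widened `optlen` declaration in the src/ndisc.c hunk of the backported patch has no comment saying why a one-octet wire field is held in 16 bits, so a later cleanup could narrow it back to `uint8_t` and reintroduce the truncation. A comment above the declaration such as `/* one-octet RA option length, kept in 16 bits because it is scaled by 8 below (255 * 8 = 2040) */` would record the reason; as this file appears to be a verbatim backport, the comment is best proposed upstream. The multiplication the commit message refers to lies in the part of parsednssl() outside the hunk, so it cannot be checked here, and it may be worth confirming that the other option parsers in ndisc.c do not keep a scaled length in a `uint8_t`.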
@@ -47,6 +48,12 @@ It includes the follwing programs :
 %{_mandir}/man*
 %changelog
+* Tue Jan 7 2025 yinbin - 1.0.7-2
+- Type: bugfix
+- ID: NA
+- SUG: NA
+- DESC: Fix potential integer overflow in parsednssl
+
 * Thu Feb 1 2024 liubo - 1.0.7-1
 - Type: requirement
 - ID: NA