diff --git a/CVE-2022-24736.patch b/CVE-2022-24736.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8995c64a14091f63f0f57e00b954b342586d1c6f
--- /dev/null
+++ b/CVE-2022-24736.patch
@@ -0,0 +1,30 @@
+diff -Naru redis-5.0.7/src/scripting.c "redis-5.0.7 copy/src/scripting.c"
+--- redis-5.0.7/src/scripting.c	2019-11-20 01:05:52.000000000 +0800
++++ "redis-5.0.7 copy/src/scripting.c"	2022-05-19 15:15:20.762705000 +0800
+@@ -439,6 +439,10 @@
+         return raise_error ? luaRaiseError(lua) : 1;
+     }
+ 
++    /* Pop all arguments from the stack, we do not need them anymore
++     * and this way we guaranty we will have room on the stack for the result. */
++    lua_pop(lua, argc);
++
+     /* Setup our fake client for command execution */
+     c->argv = argv;
+     c->argc = argc;
+@@ -511,7 +515,14 @@
+             }
+             goto cleanup;
+         }
+-    }
++    } else if (server.masterhost == NULL &&
++                   server.repl_min_slaves_max_lag &&
++                   server.repl_min_slaves_to_write &&
++                   server.repl_good_slaves_count < server.repl_min_slaves_to_write)
++        {
++            luaPushError(lua, shared.noreplicaserr->ptr);
++            goto cleanup;
++        }
+ 
+     /* If we reached the memory limit configured via maxmemory, commands that
+      * could enlarge the memory usage are not allowed, but only if this is the
diff --git a/redis5.spec b/redis5.spec
index ae19aa51842d273b4644ac124a9f885bc74bd153..f610798b966b4b1e78a27adb4091ea3b1ae394fe 100644
--- a/redis5.spec
+++ b/redis5.spec
@@ -6,7 +6,7 @@
 %global Pname redis
 Name:                redis5
 Version:             5.0.7
-Release:             4
+Release:             5
 Summary:             A persistent key-value database
 License:             BSD and MIT
 URL:                 https://redis.io
@@ -24,6 +24,7 @@ Source10:            https://github.com/antirez/%{Pname}-doc/archive/%{doc_commi
 
 Patch0001:           Modify-aarch64-architecture-jemalloc-page-size-from-from-4k-to-64k.patch
 Patch0002:           Fix-redis5-gcc-10.patch
+Patch0003:           CVE-2022-24736.patch
 
 BuildRequires:       gcc
 %if %{with tests}
@@ -83,6 +84,7 @@ tar -xvf  %{SOURCE10}
 %setup -n %{Pname}-%{version}
 %ifarch aarch64
 %patch0001 -p1
+%patch0003 -p1
 %endif
 %patch0002 -p1
 mv ../%{Pname}-doc-%{doc_commit} doc
@@ -189,6 +191,9 @@ exit 0
 %{_docdir}/%{Pname}
 
 %changelog
+* Thu May 19 2022 yangyang <yangyang480@huawei.com> - 5.0.7-5
+- Fix missing patch in source package
+
 * Thu Sep 02 2021 lingsheng <lingsheng@huawei.com> - 5.0.7-4
 - Fix missing patch in source package