diff --git a/backport-CVE-2023-24626.patch b/backport-CVE-2023-24626.patch
new file mode 100644
index 0000000000000000000000000000000000000000..32165e8cfd266684ea9e81162309d55a8577fd8b
--- /dev/null
+++ b/backport-CVE-2023-24626.patch
@@ -0,0 +1,43 @@
+From 6df4a48ff6b31bedc2d0216b84dbe66cf9ca5e23 Mon Sep 17 00:00:00 2001
+From: Alexander Naumov <alexander_naumov@opensuse.org>
+Date: Wed, 1 Feb 2023 13:47:57 +0200
+Subject: [PATCH] Missing signal sending permission check on failed query
+ messages
+
+When run as setuid root, one can send a query message to the
+privileged screen process via its unix socket in order to force
+it to send SIGHUP to a PID that can be freely specified in the
+query packet.
+Processes that do not explicitly handle SIGHUP will simply terminate
+
+Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
+---
+ socket.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/socket.c b/socket.c
+index bb68b35..0a575cf 100644
+--- a/socket.c
++++ b/socket.c
+@@ -1285,11 +1285,16 @@ ReceiveMsg()
+           else
+             queryflag = -1;
+ 
+-          Kill(m.m.command.apid,
++	  if (CheckPid(m.m.command.apid)) {
++	    Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid);
++	  }
++	  else {
++            Kill(m.m.command.apid,
+                (queryflag >= 0)
+                    ? SIGCONT
+                    : SIG_BYE); /* Send SIG_BYE if an error happened */
+-          queryflag = -1;
++            queryflag = -1;
++	  }
+         }
+         break;
+       case MSG_COMMAND:
+-- 
+2.27.0
+
diff --git a/screen.spec b/screen.spec
index edbb9afca763fda832c675fc0ed5536960102a5c..f9c5a98263b27b7eb131dda8e75a06880e6de776 100644
--- a/screen.spec
+++ b/screen.spec
@@ -1,7 +1,7 @@
 Name:           screen
 Epoch:          1
 Version:        4.9.0
-Release:        1
+Release:        2
 Summary:        A full-screen window manager
 License:        GPLv3+
 URL:            http://www.gnu.org/software/screen
@@ -13,6 +13,8 @@ Patch2:         screen-E3.patch
 Patch3:         screen-4.3.1-suppress_remap.patch
 Patch4:         screen-4.3.1-crypt.patch
 
+Patch6001:      backport-CVE-2023-24626.patch
+
 BuildRequires:  automake autoconf gcc ncurses-devel texinfo
 BuildRequires:  systemd
 Requires:       shadow-utils
@@ -97,6 +99,9 @@ fi
 %{_infodir}/screen.info*
 
 %changelog
+* Wed Apr 19 2023 hongjinghao <hongjinghao@huawei.com> - 1:4.9.0-2
+- fix CVE-2023-24626
+
 * Fri Oct 21 2022 hongjinghao <hongjinghao@huawei.com> - 1:4.9.0-1
 - update to 4.9.0