diff --git a/0003-async-thread-avoid-closing-eventfd-twice.patch b/0003-async-thread-avoid-closing-eventfd-twice.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d18fee05a19661a83ef73fac727c2bb8747f71f5
--- /dev/null
+++ b/0003-async-thread-avoid-closing-eventfd-twice.patch
@@ -0,0 +1,36 @@
+From 270e881d0902a1efa24ceb7736768ec38ffa12a9 Mon Sep 17 00:00:00 2001
+From: Andy Pan <i@andypan.me>
+Date: Thu, 12 Dec 2024 12:48:56 +0000
+Subject: [PATCH] async-thread: avoid closing eventfd twice
+
+When employing eventfd for socketpair, there is only one file
+descriptor. Closing that fd twice might result in fd corruption.
+Thus, we should avoid closing the eventfd twice, following the
+pattern in lib/multi.c.
+
+Fixes #15725
+Closes #15727
+Reported-by: Christian Heusel
+---
+ lib/asyn-thread.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/asyn-thread.c b/lib/asyn-thread.c
+index a2e294f..518e81a 100644
+--- a/lib/asyn-thread.c
++++ b/lib/asyn-thread.c
+@@ -195,9 +195,11 @@ void destroy_thread_sync_data(struct thread_sync_data *tsd)
+    * close one end of the socket pair (may be done in resolver thread);
+    * the other end (for reading) is always closed in the parent thread.
+    */
++#ifndef USE_EVENTFD
+   if(tsd->sock_pair[1] != CURL_SOCKET_BAD) {
+     sclose(tsd->sock_pair[1]);
+   }
++#endif
+ #endif
+   memset(tsd, 0, sizeof(*tsd));
+ }
+-- 
+2.39.3
+
diff --git a/curl.spec b/curl.spec
index 25abac50159272089276bf2bd8ad1a0233136a57..3e372e529ce46ac04e2f541c70ab9e25f6f51fc5 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,4 +1,4 @@
-%define anolis_release 5
+%define anolis_release 6 
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Epoch: 1
@@ -78,6 +78,8 @@ BuildRequires: perl(vars)
 Patch: 0001-fix-cve-2024-2398.patch
 # https://github.com/curl/curl/commit/a94973805df96269bf
 Patch: 0002-fix-cve-2024-9681.patch
+#https://github.com/curl/curl/commit/ff5091aa9f73802e894b1cbdf
+Patch: 0003-async-thread-avoid-closing-eventfd-twice.patch
 
 # The test-suite runs automatically through valgrind if valgrind is available
 # on the system.  By not installing valgrind into mock's chroot, we disable
@@ -369,6 +371,9 @@ rm -rf ${RPM_BUILD_ROOT}%{_datadir}/fish
 %doc docs/TheArtOfHttpScripting.md
 
 %changelog
+* Mon Mar 10 2025 shenzl <shenzhongli@inspur.com> - 8.4.0-6
+- fix CVE-2025-0665
+
 * Wed Jan 15 2025 Kaiqiang Wang <wangkaiqiang@inspur.com> - 8.4.0-5
 - fix CVE-2024-9681