diff --git a/100-libcap-cve-2025-1390.patch b/100-libcap-cve-2025-1390.patch
new file mode 100644
index 0000000000000000000000000000000000000000..839aed2ccc0cdfcbd6ac9d4e0e0e6dba4bb56fb3
--- /dev/null
+++ b/100-libcap-cve-2025-1390.patch
@@ -0,0 +1,32 @@
+From 1ad42b66c3567481cc5fa22fc1ba1556a316d878 Mon Sep 17 00:00:00 2001
+From: Tianjia Zhang
+Date: Mon, 17 Feb 2025 10:31:55 +0800
+Subject: pam_cap: Fix potential configuration parsing error
+
+The current configuration parsing does not actually skip user names
+that do not start with @, but instead treats the name as a group
+name for further parsing, which can result in matching unexpected
+capability sets and may trigger potential security issues. Only
+names starting with @ should be parsed as group names.
+
+Signed-off-by: Tianjia Zhang
+Signed-off-by: Andrew G. Morgan
+---
+ pam_cap/pam_cap.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c
+index 24de329..3ec99bb 100644
+--- a/pam_cap/pam_cap.c
++++ b/pam_cap/pam_cap.c
+@@ -166,6 +166,7 @@ static char *read_capabilities_for_user(const char *user, const char *source)
+ 
+ if (line[0] != '@') {
+ D(("user [%s] is not [%s] - skipping", user, line));
++ continue;
+ }
+ 
+ int i;
+-- 
+cgit 1.2.3-korg
+
diff --git a/libcap.spec b/libcap.spec
index b56623bf7835791861e3c07e07972afdb77201af..5f98d37adf0bea2144c26dc8af7aafeab05ce971 100644
--- a/libcap.spec
+++ b/libcap.spec
@@ -1,4 +1,4 @@
-%define anolis_release .0.1
+%define anolis_release .0.2
 Name: libcap
 Version: 2.48
 Release: 6%{anolis_release}%{?dist}
@@ -16,6 +16,7 @@ Patch4: %{name}-fix-prctl-usage.patch
 Patch5: %{name}-check-allocation.patch
 Patch6: %{name}-cve-2023-2603.patch
 Patch7: %{name}-cve-2023-2602.patch
+Patch8: 100-%{name}-cve-2025-1390.patch
 
 BuildRequires: libattr-devel pam-devel perl-interpreter
 BuildRequires: make
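Review bot: The embedded patch changes behaviour with a single `continue;` inside the `if (line[0] != '@')` branch, and nothing at that spot says why falling through to the code after `int i;` is unsafe, so the branch still reads like a debug-only trace. A short comment above the statement, for example `/* not a group entry: must not be parsed as a group name below */`, would keep a later cleanup from undoing the fix. The loop that this `continue` targets starts outside the inner hunk, and the patch context appears to come from the upstream tree (index 24de329..3ec99bb), so it is worth confirming that it applies to the 2.48 sources without fuzz and lands in the same branch.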
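Review bot: `Patch8` is declared in the `@@ -16,6 +16,7 @@` hunk, but no hunk in this commit touches %prep, so whether the CVE-2025-1390 fix is actually built in depends on how the spec applies patches, which is not visible here. If %prep lists patches one by one rather than using `%autosetup` or `%autopatch`, add `%patch8 -p1` next to the existing entries; otherwise the release would carry the changelog entry without the fix. The new file name also starts with `100-` while Patch4 to Patch7 use `%{name}-…`; if that prefix has a meaning in this repository, a one-line `#` comment above `Patch8` stating it would help the next maintainer.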
@@ -94,6 +95,9 @@ chmod +x %{buildroot}/%{_libdir}/*.so.*
 %{_libdir}/pkgconfig/libpsx.pc
 
 %changelog
+* Tue Feb 18 2025 Shile Zhang - 2.48-6.0.2
+- Fix CVE-2025-1390
+
 * Tue Jan 23 2024 Chen Qiao - 2.48-6.0.1
 - Fix CVE-2023-2603