diff --git a/0001-vpx_codec_enc_init_multi-fix-double-free-on-init-fai.patch b/0001-vpx_codec_enc_init_multi-fix-double-free-on-init-fai.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7ecd94145a0d0e970893c289230f5cb7b377fec1
--- /dev/null
+++ b/0001-vpx_codec_enc_init_multi-fix-double-free-on-init-fai.patch
@@ -0,0 +1,63 @@
+From 0bbd41115d5afefe3cf789f7ed2e73c52d3f1a0b Mon Sep 17 00:00:00 2001
+From: James Zern
+Date: Wed, 30 Apr 2025 19:28:48 -0700
+Subject: [PATCH] vpx_codec_enc_init_multi: fix double free on init failure
+
+In `vp8e_init()`, the encoder would take ownership of
+`mr_cfg.mr_low_res_mode_info` even if `vp8_create_compressor()` failed.
+This caused confusion at the call site as other failures in
+`vp8e_init()` did not result in ownership transfer and the caller would
+free the memory. In the case of `vp8_create_compressor()` failure both
+the caller and `vpx_codec_destroy()` would free the memory, causing a
+crash. `mr_*` related variables are now cleared on failure to prevent
+this situation.
+
+Bug: webm:413411335
+Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1962421
+Change-Id: Ie951d42b9029a586bf9059b650bd8863db9f9ffc
+(cherry picked from commit 1c758781c428c0e895645b95b8ff1512b6bdcecb)
+---
+ vp8/vp8_cx_iface.c | 12 +++++++++++-
+ vpx/src/vpx_encoder.c | 3 +++
+ 2 files changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/vp8/vp8_cx_iface.c b/vp8/vp8_cx_iface.c
+index a6f0b4cbc..19e836690 100644
+--- a/vp8/vp8_cx_iface.c
++++ b/vp8/vp8_cx_iface.c
+@@ -722,7 +722,17 @@ static vpx_codec_err_t vp8e_init(vpx_codec_ctx_t *ctx,
+
+ set_vp8e_config(&priv->oxcf, priv->cfg, priv->vp8_cfg, mr_cfg);
+ priv->cpi = vp8_create_compressor(&priv->oxcf);
+- if (!priv->cpi) res = VPX_CODEC_MEM_ERROR;
++ if (!priv->cpi) {
++#if CONFIG_MULTI_RES_ENCODING
++ // Release ownership of mr_cfg->mr_low_res_mode_info on failure. This
++ // prevents ownership confusion with the caller and avoids a double
++ // free when vpx_codec_destroy() is called on this instance.
++ priv->oxcf.mr_total_resolutions = 0; ++ priv->oxcf.mr_encoder_id = 0; ++ priv->oxcf.mr_low_res_mode_info = NULL; ++#endif ++ res = VPX_CODEC_MEM_ERROR; ++ } + } + } + +diff --git a/vpx/src/vpx_encoder.c b/vpx/src/vpx_encoder.c +index 0d6e48015..5667d1297 100644 +--- a/vpx/src/vpx_encoder.c ++++ b/vpx/src/vpx_encoder.c +@@ -113,6 +113,9 @@ vpx_codec_err_t vpx_codec_enc_init_multi_ver( + ctx->priv = NULL; + ctx->init_flags = flags; + ctx->config.enc = cfg; ++ // ctx takes ownership of mr_cfg.mr_low_res_mode_info if and only if ++ // this call succeeds. The first ctx entry in the array is ++ // responsible for freeing the memory. + res = ctx->iface->init(ctx, &mr_cfg); + } + +-- +2.49.0 + diff --git a/libvpx-1.14.1.tar.gz b/libvpx-1.14.1.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..8fe06221ddb8d36e5e6082c914fdfc76e6359e93 Binary files /dev/null and b/libvpx-1.14.1.tar.gz differ diff --git a/libvpx.spec b/libvpx.spec index 3c8fe6f7fbfa3999402848fc632f868c4ad06721..9e55a2578209a6177d7da8f9a6db375d7d0c57b5 100644 --- a/libvpx.spec +++ b/libvpx.spec @@ -1,4 +1,4 @@ -%define anolis_release 2 +%define anolis_release 3 %global somajor 9 %global sominor 0 %global sotiny 0 @@ -16,7 +16,7 @@ Name: libvpx Summary: VP8/VP9 Video Codec SDK -Version: 1.14.1 +Version: 1.14.1 Release: %{anolis_release}%{?dist} License: BSD URL: http://www.webmproject.org/code/ @@ -25,8 +25,12 @@ Source1: vpx_config.h Source2: libvpx.ver BuildRequires: make gcc gcc-c++ yasm doxygen php-cli perl(Getopt::Long) +BuildRequires: doxygen, +BuildRequires: php-cli, +BuildRequires: nasm # From https://salsa.debian.org/multimedia-team/libvpx/-/merge_requests/5/diffs Patch0: 0001-CVE-2025-5283.patch +Patch1: 0001-vpx_codec_enc_init_multi-fix-double-free-on-init-fai.patch %description libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications 
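Review bot: The ownership rule is written down only at the call site in `vpx_codec_enc_init_multi_ver()`, while the code that has to honour it is the failure branch added to `vp8e_init()`, so a later error path added there after `set_vp8e_config()` could reintroduce the double free without any comment warning against it. I would put the contract on `vp8e_init()` itself, for example `// On any failure after set_vp8e_config(), clear oxcf.mr_*: the caller still owns mr_low_res_mode_info.` The new branch comment also does not say which of the three cleared fields the free reached from `vpx_codec_destroy()` depends on; that code is outside both hunks, so this should be confirmed there rather than assumed. Both function bodies start and end outside the hunks shown.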
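Review bot: No hunk in this diff touches `%prep`, so whether the new `Patch1` is actually applied depends on how the spec applies patches, which is not visible here; with `%autosetup` or `%autopatch` it is picked up automatically, but with explicit per-patch `%patch` lines the double-free fix would be declared and never applied, so the build log should be checked for it. The added `BuildRequires: doxygen,` and `BuildRequires: php-cli,` end in a stray comma and repeat packages already on the existing `BuildRequires:` line, and together with `BuildRequires: nasm` they are unrelated to the fix; I would drop them from this security backport or move them to their own commit. `Patch1` also lacks the provenance comment `Patch0` has; `# Upstream commit 1c758781c428c0e895645b95b8ff1512b6bdcecb (webm:413411335)` above it would let the next packager verify the backport.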
@@ -127,6 +131,9 @@ rm -rf %{buildroot}%{_prefix}/src %doc AUTHORS CHANGELOG README %changelog +* Fri Aug 15 2025 Wenyuzifang - 1.14.1-3 +- Prevents double-free crashes, improves encoder stability and security during multi-resolution encoding setup + Resolves: RHEL-XXXXX * Mon Jun 18 2025 lzq11122 - 1.14.1-2 - add patch to fix CVE-2025-5283 @@ -149,4 +156,3 @@ rm -rf %{buildroot}%{_prefix}/src * Thu Apr 07 2022 mgb01105731 - 1.11.0-1 - Init from upstream version 1.11.0 -