diff --git a/0001-fix-cve-2023-52890.patch b/0001-fix-cve-2023-52890.patch
new file mode 100644
index 0000000000000000000000000000000000000000..bf26dbf4add92e072f2da0d2d7bd78813ed19ccd
--- /dev/null
+++ b/0001-fix-cve-2023-52890.patch
@@ -0,0 +1,34 @@
+From 75dcdc2cf37478fad6c0e3427403d198b554951d Mon Sep 17 00:00:00 2001
+From: Erik Larsson <erik@tuxera.com>
+Date: Tue, 13 Jun 2023 17:47:15 +0300
+Subject: [PATCH] unistr.c: Fix use-after-free in 'ntfs_uppercase_mbs'.
+
+If 'utf8_to_unicode' throws an error due to an invalid UTF-8 sequence,
+then 'n' will be less than 0 and the loop will terminate without storing
+anything in '*t'. After the loop the uppercase string's allocation is
+freed, however after it is freed it is unconditionally accessed through
+'*t', which points into the freed allocation, for the purpose of NULL-
+terminating the string. This leads to a use-after-free.
+Fixed by only NULL-terminating the string when no error has been thrown.
+
+Thanks for Jeffrey Bencteux for reporting this issue:
+https://github.com/tuxera/ntfs-3g/issues/84
+---
+ libntfs-3g/unistr.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libntfs-3g/unistr.c b/libntfs-3g/unistr.c
+index 5854b3b7..db8ddf42 100644
+--- a/libntfs-3g/unistr.c
++++ b/libntfs-3g/unistr.c
+@@ -1189,8 +1189,9 @@ char *ntfs_uppercase_mbs(const char *low,
+ 			free(upp);
+ 			upp = (char*)NULL;
+ 			errno = EILSEQ;
++		} else {
++			*t = 0;
+ 		}
+-		*t = 0;
+ 	}
+ 	return (upp);
+ }
diff --git a/ntfs-3g.spec b/ntfs-3g.spec
index 617f28a9311f3c32adf982737a71442120c0e890..416b36485be4152fbc61ab34dc029c6a5d391489 100644
--- a/ntfs-3g.spec
+++ b/ntfs-3g.spec
@@ -1,4 +1,4 @@
-%define anolis_release 1
+%define anolis_release 2
 %bcond_with externalfuse
 
 Name:           ntfs-3g
@@ -9,6 +9,10 @@ Summary:        Linux NTFS userspace driver
 License:        GPLv2+
 URL:            https://www.tuxera.com/company/open-source/
 Source0:	https://github.com/tuxera/ntfs-3g/archive/refs/tags/%{version}.tar.gz
+
+# https://github.com/tuxera/ntfs-3g/commit/75dcdc2cf37478fad6c0e3427403d198b554951d
+Patch0: 0001-fix-cve-2023-52890.patch 
+
 BuildRequires:  make
 # ntfs-3g BuildRequires
 BuildRequires:  gnutls-devel
@@ -214,6 +218,9 @@ rm -rf %{buildroot}%{_defaultdocdir}/%{name}/README
 %exclude %{_mandir}/man8/ntfs-3g*
 
 %changelog
+* Thu Jan 16 2025 yangxinyu <yangxinyu@nfschina.com> - 2:2022.10.3-2
+- fix cve-2023-52890
+
 * Sun Nov 27 2022 Funda Wang <fundawang@yeah.net> - 2:2022.10.3-1
 - New version 2022.10.3