diff --git a/acl.spec b/acl.spec
index d4921aebc30e71abd6a5042952131a1400001d73..943b7cfc84390a9c27be78a372b93efab866afd9 100644
--- a/acl.spec
+++ b/acl.spec
@@ -1,6 +1,6 @@
 Name:          acl
 Version:       2.2.53
-Release:       10
+Release:       11
 Summary:       Commands for manipulating POSIX access control lists
 
 License:       GPLv2+
@@ -8,6 +8,7 @@ URL:           https://savannah.nongnu.org/projects/acl
 Source0:       http://download.savannah.nongnu.org/releases/acl/acl-2.2.53.tar.gz
 
 Patch1:    backport-acl_copy_entry-Prevent-accidental-NULL-pointer-deref.patch
+Patch2:    backport-acl_from_mode-acl_copy_int-Fix-segfault-on-allocatio.patch
 
 BuildRequires: libattr-devel gawk libtool gettext
 BuildRequires: chrpath
@@ -95,6 +96,9 @@ make check
 %{_mandir}/man5/*
 
 %changelog
+* Thu Jun 5 2025 yixiangzhike <yixiangzhike007@163.com> - 2.2.53-11
+- backport upstream patch to fix segfault on allocation failure
+
 * Wed Jul 10 2024 yixiangzhike <yixiangzhike007@163.com> - 2.2.53-10
 - backport upstream patch to avoid NULL dereferences
 
diff --git a/backport-acl_from_mode-acl_copy_int-Fix-segfault-on-allocatio.patch b/backport-acl_from_mode-acl_copy_int-Fix-segfault-on-allocatio.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8efce2c7f1c6fb916039673b9b9346fe8a6b5ecc
--- /dev/null
+++ b/backport-acl_from_mode-acl_copy_int-Fix-segfault-on-allocatio.patch
@@ -0,0 +1,51 @@
+From 40c190dc1f6630054d7d2f850a0b9fb10c7bbcb1 Mon Sep 17 00:00:00 2001
+From: Tavian Barnes <tavianator@tavianator.com>
+Date: Thu, 3 Sep 2020 16:56:05 -0400
+Subject: [PATCH] acl_from_mode, acl_copy_int: Fix segfault on allocation
+ failure
+
+__acl_free_acl_obj() is unprepared for NULL, so just return immediately
+instead of trying to free a NULL obj.
+
+Signed-off-by: Tavian Barnes <tavianator@tavianator.com>
+[Fix the same bug in acl_copy_int.]
+Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
+---
+ libacl/acl_copy_int.c  | 3 +--
+ libacl/acl_from_mode.c | 2 +-
+ 2 files changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/libacl/acl_copy_int.c b/libacl/acl_copy_int.c
+index bcbacf1..f0b6f30 100644
+--- a/libacl/acl_copy_int.c
++++ b/libacl/acl_copy_int.c
+@@ -47,7 +47,7 @@ acl_copy_int(const void *buf_p)
+ 	entries = size / sizeof(struct __acl_entry);
+ 	acl_obj_p = __acl_init_obj(entries);
+ 	if (acl_obj_p == NULL)
+-		goto fail;
++		return NULL;
+ 	end_p = ext_acl->x_entries + entries;
+ 	for(; ent_p != end_p; ent_p++) {
+ 		entry_obj_p = __acl_create_entry_obj(acl_obj_p);
+@@ -64,4 +64,3 @@ fail:
+ 	__acl_free_acl_obj(acl_obj_p);
+ 	return NULL;
+ }
+-
+diff --git a/libacl/acl_from_mode.c b/libacl/acl_from_mode.c
+index c6999e3..cda661d 100644
+--- a/libacl/acl_from_mode.c
++++ b/libacl/acl_from_mode.c
+@@ -42,7 +42,7 @@ acl_from_mode(mode_t mode)
+ 
+ 	acl_obj_p = __acl_init_obj(3);
+ 	if (!acl_obj_p)
+-		goto fail;
++		return NULL;
+ 
+ 	entry_obj_p = __acl_create_entry_obj(acl_obj_p);
+ 	if (!entry_obj_p)
+-- 
+2.43.0
+