diff --git a/ansible.spec b/ansible.spec index d9e1e6fa902517bddd56585d61528c50f0f3d73d..609df54e3f2992b0b3d3a013c7f5a1a91a79b7de 100644 --- a/ansible.spec +++ b/ansible.spec @@ -2,7 +2,7 @@ Name: ansible Summary: SSH-based configuration management, deployment, and task execution system Version: 2.9.27 -Release: 5 +Release: 6 License: GPLv3+ Source0: https://releases.ansible.com/ansible/%{name}-%{version}.tar.gz @@ -19,6 +19,7 @@ Patch4: ansible-2.9.23-sphinx4.patch Patch5: hostname-module-support-openEuler.patch Patch6: Fix-build-error-for-sphinx-7.0.patch Patch7: CVE-2024-0690.patch +Patch8: fix-CVE-2024-9902.patch Provides: ansible-python3 = %{version}-%{release} Obsoletes: ansible-python3 < %{version}-%{release} @@ -216,6 +217,9 @@ make PYTHON=/usr/bin/python3 tests-py3 %{python3_sitelib}/ansible_test %changelog +* Fri Nov 8 2024 changtao - 2.9.27-6 +- fix-CVE-2024-9902 + * Mon Feb 05 2024 wangkai <13474090681@163.com> - 2.9.27-5 - Fix CVE-2024-0690 diff --git a/fix-CVE-2024-9902.patch b/fix-CVE-2024-9902.patch new file mode 100644 index 0000000000000000000000000000000000000000..3c489e6b3cb1ef7ca25e57f605bf3b4c61559f59 --- /dev/null +++ b/fix-CVE-2024-9902.patch 
@@ -0,0 +1,246 @@ +From 0959472bc62d3fcb28200bebed6346398ca355ea Mon Sep 17 00:00:00 2001 +From: Brian Coca +Date: Thu, 24 Oct 2024 14:53:33 +0800 +Subject: [PATCH] user module, avoid chmoding symlink'd home file (#83956) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +also added tests + +--- + 0001-fix-CVE-2024-9902.patch | 112 ++++++++++++++++++ + changelogs/fragments/user_action_fix.yml | 2 + + lib/ansible/modules/system/user.py | 4 +- + .../targets/user/files/skel/.ssh/known_hosts | 1 + + .../user/tasks/test_create_user_home.yml | 66 +++++++++++ + 5 files changed, 184 insertions(+), 1 deletion(-) + create mode 100644 0001-fix-CVE-2024-9902.patch + create mode 100644 changelogs/fragments/user_action_fix.yml + create mode 100644 test/integration/targets/user/files/skel/.ssh/known_hosts + +diff --git a/0001-fix-CVE-2024-9902.patch b/0001-fix-CVE-2024-9902.patch +new file mode 100644 +index 00000000..8a75219f +--- /dev/null ++++ b/0001-fix-CVE-2024-9902.patch +@@ -0,0 +1,112 @@ ++From 80430085f0988a423f830f5d1a4c8bc353b78427 Mon Sep 17 00:00:00 2001 ++From: changtao ++Date: Thu, 24 Oct 2024 14:50:11 +0800 ++Subject: [PATCH] fix CVE-2024-9902 ++ ++--- ++ changelogs/fragments/user_action_fix.yml | 2 + ++ lib/ansible/modules/system/user.py | 4 +- ++ .../user/tasks/test_create_user_home.yml | 66 +++++++++++++++++++ ++ 3 files changed, 71 insertions(+), 1 deletion(-) ++ create mode 100644 changelogs/fragments/user_action_fix.yml ++ ++diff --git a/changelogs/fragments/user_action_fix.yml b/changelogs/fragments/user_action_fix.yml ++new file mode 100644 ++index 00000000..64ee997d ++--- /dev/null +++++ b/changelogs/fragments/user_action_fix.yml ++@@ -0,0 +1,2 @@ +++bugfixes: +++ - user module now avoids changing ownership of files symlinked in provided home dir skeleton ++diff --git a/lib/ansible/modules/system/user.py b/lib/ansible/modules/system/user.py ++index fd56fc68..9d47425f 100644 ++--- 
a/lib/ansible/modules/system/user.py +++++ b/lib/ansible/modules/system/user.py ++@@ -1154,7 +1154,9 @@ class User(object): ++ for d in dirs: ++ os.chown(os.path.join(root, d), uid, gid) ++ for f in files: ++- os.chown(os.path.join(root, f), uid, gid) +++ full_path = os.path.join(root, f) +++ if not os.path.islink(full_path): +++ os.chown(full_path, uid, gid) ++ except OSError as e: ++ self.module.exit_json(failed=True, msg="%s" % to_native(e)) ++ ++diff --git a/test/integration/targets/user/tasks/test_create_user_home.yml b/test/integration/targets/user/tasks/test_create_user_home.yml ++index 1b529f76..7fe9e33d 100644 ++--- a/test/integration/targets/user/tasks/test_create_user_home.yml +++++ b/test/integration/targets/user/tasks/test_create_user_home.yml ++@@ -134,3 +134,69 @@ ++ name: randomuser ++ state: absent ++ remove: yes +++ +++- name: Create user home directory with skel that contains symlinks +++ tags: symlink_home +++ when: ansible_system == 'Linux' +++ become: True +++ vars: +++ flag: '{{tempdir.path}}/root_flag.conf' +++ block: +++ - name: make tempdir for skel +++ tempfile: state=directory +++ register: tempdir +++ +++ - name: create flag file +++ file: path={{flag}} owner=root state=touch +++ +++ - name: copy skell to target +++ copy: +++ dest: '{{tempdir.path}}/skel' +++ src: files/skel +++ register: skel +++ +++ - name: create the bad symlink +++ file: +++ src: '{{flag}}' +++ dest: '{{tempdir.path}}/skel/should_not_change_own' +++ state: link +++ +++ - name: "Create user home directory with skeleton" +++ user: +++ name: withskeleton +++ state: present +++ skeleton: "{{tempdir.path}}/skel" +++ createhome: yes +++ home: /home/missing/withskeleton +++ register: create_user_with_skeleton_symlink +++ +++ - name: Check flag +++ stat: path={{flag}} +++ register: test_flag +++ +++ - name: ensure we didn't change owner for flag +++ assert: +++ that: +++ - test_flag.stat.uid != create_user_with_skeleton_symlink.uid +++ +++ always: +++ - name: "Remove test 
user" +++ user: +++ name: withskeleton +++ state: absent +++ remove: yes +++ +++ - name: get files to delete +++ find: path="{{tempdir.path}}" +++ register: remove +++ when: +++ - tempdir is defined +++ - tempdir is success +++ +++ - name: "Remove temp files" +++ file: +++ path: '{{item}}' +++ state: absent +++ loop: "{{remove.files|default([])}}" +++ when: +++ - remove is success ++-- ++2.43.0 ++ +diff --git a/changelogs/fragments/user_action_fix.yml b/changelogs/fragments/user_action_fix.yml +new file mode 100644 +index 00000000..64ee997d +--- /dev/null ++++ b/changelogs/fragments/user_action_fix.yml +@@ -0,0 +1,2 @@ ++bugfixes: ++ - user module now avoids changing ownership of files symlinked in provided home dir skeleton +diff --git a/lib/ansible/modules/system/user.py b/lib/ansible/modules/system/user.py +index fd56fc68..9d47425f 100644 +--- a/lib/ansible/modules/system/user.py ++++ b/lib/ansible/modules/system/user.py +@@ -1154,7 +1154,9 @@ class User(object): + for d in dirs: + os.chown(os.path.join(root, d), uid, gid) + for f in files: +- os.chown(os.path.join(root, f), uid, gid) ++ full_path = os.path.join(root, f) ++ if not os.path.islink(full_path): ++ os.chown(full_path, uid, gid) + except OSError as e: + self.module.exit_json(failed=True, msg="%s" % to_native(e)) + +diff --git a/test/integration/targets/user/files/skel/.ssh/known_hosts b/test/integration/targets/user/files/skel/.ssh/known_hosts +new file mode 100644 +index 00000000..f5b72a21 +--- /dev/null ++++ b/test/integration/targets/user/files/skel/.ssh/known_hosts +@@ -0,0 +1 @@ ++test file, not real ssh hosts file +diff --git a/test/integration/targets/user/tasks/test_create_user_home.yml b/test/integration/targets/user/tasks/test_create_user_home.yml +index 1b529f76..7fe9e33d 100644 +--- a/test/integration/targets/user/tasks/test_create_user_home.yml ++++ b/test/integration/targets/user/tasks/test_create_user_home.yml +@@ -134,3 +134,69 @@ + name: randomuser + state: absent + remove: yes ++ ++- 
name: Create user home directory with skel that contains symlinks ++ tags: symlink_home ++ when: ansible_system == 'Linux' ++ become: True ++ vars: ++ flag: '{{tempdir.path}}/root_flag.conf' ++ block: ++ - name: make tempdir for skel ++ tempfile: state=directory ++ register: tempdir ++ ++ - name: create flag file ++ file: path={{flag}} owner=root state=touch ++ ++ - name: copy skell to target ++ copy: ++ dest: '{{tempdir.path}}/skel' ++ src: files/skel ++ register: skel ++ ++ - name: create the bad symlink ++ file: ++ src: '{{flag}}' ++ dest: '{{tempdir.path}}/skel/should_not_change_own' ++ state: link ++ ++ - name: "Create user home directory with skeleton" ++ user: ++ name: withskeleton ++ state: present ++ skeleton: "{{tempdir.path}}/skel" ++ createhome: yes ++ home: /home/missing/withskeleton ++ register: create_user_with_skeleton_symlink ++ ++ - name: Check flag ++ stat: path={{flag}} ++ register: test_flag ++ ++ - name: ensure we didn't change owner for flag ++ assert: ++ that: ++ - test_flag.stat.uid != create_user_with_skeleton_symlink.uid ++ ++ always: ++ - name: "Remove test user" ++ user: ++ name: withskeleton ++ state: absent ++ remove: yes ++ ++ - name: get files to delete ++ find: path="{{tempdir.path}}" ++ register: remove ++ when: ++ - tempdir is defined ++ - tempdir is success ++ ++ - name: "Remove temp files" ++ file: ++ path: '{{item}}' ++ state: absent ++ loop: "{{remove.files|default([])}}" ++ when: ++ - remove is success +-- +2.43.0 +
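Review bot: The new `islink` guard in `lib/ansible/modules/system/user.py` covers only the `files` loop; the `for d in dirs:` loop just above it still calls `os.chown(os.path.join(root, d), uid, gid)` unconditionally, and `os.walk` with its default `followlinks=False` reports a symlink that points at a directory under `dirs`, not `files`, so `os.chown` (which follows symlinks by default) would still change ownership of that link's target. The same guard should be applied to the directory loop, e.g. `full_path = os.path.join(root, d)` / `if not os.path.islink(full_path):` / `    os.chown(full_path, uid, gid)`, or both loops could use `os.lchown` so only the link entry itself is touched. The enclosing method starts and ends outside the hunk, so whether the top-level `path` itself is handled cannot be confirmed here. Separately, the patch also adds a nested copy of itself as `0001-fix-CVE-2024-9902.patch` at the root of the ansible source tree, which looks like an accidental inclusion rather than an intended change and could be dropped from the patch.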