diff --git a/CVE-2024-6287.patch b/CVE-2024-6287.patch
new file mode 100644
index 0000000000000000000000000000000000000000..309a063d2acd437361e0e115ab95001ffe477291
--- /dev/null
+++ b/CVE-2024-6287.patch
@@ -0,0 +1,39 @@
+commit 954d488a9798f8fda675c6b57c571b469b298f04
+Author: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
+Date:   Sun Apr 23 21:11:15 2023 +0900
+
+    rcar-gen3: plat: BL2: fix Incorrect Address Range Calculation
+    
+    Check against all address overlap cases
+    
+    Reviewed-by: Tomer Fichman <Tomer.Fichman@cymotive.com>
+    Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
+
+diff --git a/drivers/renesas/common/io/io_rcar.c b/drivers/renesas/common/io/io_rcar.c
+index 9b29a5be8..21ed41113 100644
+--- a/drivers/renesas/common/io/io_rcar.c
++++ b/drivers/renesas/common/io/io_rcar.c
+@@ -335,13 +335,18 @@ done:
+ 		 * 2. check:
+ 		 *      | IMAGE n |
+ 		 *  | IMAGE n+1 |
++		 * 3. check:
++		 *      | IMAGE n |
++		 *  |    IMAGE n+1    |
+ 		 *
+ 		 * */
+-		if (((dst > addr_loaded[n].dest) &&
+-		     (dst <  addr_loaded[n].dest + addr_loaded[n].length)) ||
+-		    (((dst < addr_loaded[n].dest) &&
+-		      (dst + len)) > addr_loaded[n].dest)) {
+-			ERROR("BL2: image is inside a previous image area.\n");
++		if (((dst >= addr_loaded[n].dest) &&
++		     (dst <=  addr_loaded[n].dest + addr_loaded[n].length)) ||
++		    ((dst + len >= addr_loaded[n].dest) &&
++		     (dst + len <= addr_loaded[n].dest + addr_loaded[n].length)) ||
++		    ((dst <= addr_loaded[n].dest) &&
++		     (dst + len >= addr_loaded[n].dest + addr_loaded[n].length))) {
++			ERROR("BL2: next image overlap a previous image area.\n");
+ 			result = IO_FAIL;
+ 		}
+ 	}
diff --git a/arm-trusted-firmware.spec b/arm-trusted-firmware.spec
index 83294be49457d1900c4779186ac34135eab8c36d..6f935c0c6d8e7d1953e6c3c8cf9508f9527f2c17 100644
--- a/arm-trusted-firmware.spec
+++ b/arm-trusted-firmware.spec
@@ -2,7 +2,7 @@
 
 Name:          arm-trusted-firmware
 Version:       2.9
-Release:       3
+Release:       4
 Summary:       ARM Trusted Firmware
 License:       BSD
 URL:           https://github.com/ARM-software/arm-trusted-firmware/wiki
@@ -12,6 +12,7 @@ Patch0:        CVE-2023-49100.patch
 # https://github.com/renesas-rcar/arm-trusted-firmware/commit/235f85b654a031f7647e81b86fc8e4ffeb430164
 Patch1:        CVE-2024-6563.patch
 Patch2:        CVE-2024-6564.patch
+Patch3:        CVE-2024-6287.patch
 ExclusiveArch: aarch64
 BuildRequires: dtc
 
@@ -66,6 +67,9 @@ strip %{buildroot}/%{_datadir}/%{name}/rk3368/bl31.elf
 %{_datadir}/%{name}
 
 %changelog
+* Sat Oct 12 2024 Yu Peng <yupeng@kylinos.cn> - 2.9-4
+- Fix CVE-2024-6287
+
 * Tue Jul 09 2024 zhangxianting <zhangxianting@uniontech.com> - 2.9-3
 - Fix CVE-2024-6563 CVE-2024-6564