diff --git a/backport-CVE-2023-25193.patch b/backport-CVE-2023-25193.patch
new file mode 100644
index 0000000000000000000000000000000000000000..679bda245a1044e7d8f1616266e40bc2a48cff4f
--- /dev/null
+++ b/backport-CVE-2023-25193.patch
@@ -0,0 +1,38 @@
+From 85be877925ddbf34f74a1229f3ca1716bb6170dc Mon Sep 17 00:00:00 2001
+From: Behdad Esfahbod
+Date: Wed, 1 Feb 2023 20:00:43 -0700
+Subject: [PATCH] [layout] Limit how far we skip when looking back
+
+See comments.
+---
+ src/hb-ot-layout-gsubgpos.hh | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/src/hb-ot-layout-gsubgpos.hh b/src/hb-ot-layout-gsubgpos.hh
+index c9750ff..b83f49e 100644
+--- a/src/hb-ot-layout-gsubgpos.hh
++++ b/src/hb-ot-layout-gsubgpos.hh
+@@ -560,7 +560,19 @@ struct hb_ot_apply_context_t :
+ bool prev (unsigned *unsafe_from = nullptr)
+ {
+ assert (num_items > 0);
+- while (idx > num_items - 1)
++ /* The alternate condition below is faster at string boundaries,
++ * but produces subpar "unsafe-to-concat" values. */
++ unsigned stop = num_items - 1;
++ if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
++ stop = 1 - 1;
++
++ /* When looking back, limit how far we search; this function is mostly
++ * used for looking back for base glyphs when attaching marks. If we
++ * don't limit, we can get O(n^2) behavior where n is the number of
++ * consecutive marks. */
++ stop = (unsigned) hb_max ((int) stop, (int) idx - HB_MAX_CONTEXT_LENGTH);
++
++ while (idx > stop)
+ {
+ idx--;
+ const hb_glyph_info_t &info = c->buffer->out_info[idx];
+--
+2.33.0
+
diff --git a/harfbuzz.spec b/harfbuzz.spec
index dd5cbdcbd1cf2a15cea6dbc031c51e21757a8b65..3643faa9a57cffeadddf12617288a00f57371115
--- a/harfbuzz.spec
+++ b/harfbuzz.spec
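Review bot: In backport-CVE-2023-25193.patch, the new `prev()` code does more than cap the lookback. The removed line shows this tree looping on `idx > num_items - 1`, while the added code also sets `stop = 1 - 1` when `HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT` is set. With that flag the scan can now continue below `num_items - 1`, though still limited by `HB_MAX_CONTEXT_LENGTH`. The patch header says only "See comments.", so I would record the extra behaviour change there, e.g. `Backport note: this also adds the PRODUCE_UNSAFE_TO_CONCAT stop condition, not present in 4.3.0.` Separately, the cap depends on `(int) idx - HB_MAX_CONTEXT_LENGTH` going negative near the buffer start so that `hb_max` keeps `stop`; that holds only while `idx` fits in `int`, which the hunk does not show, and the body of `prev()` continues past the end of the hunk.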
@@ -1,12 +1,13 @@ Name: harfbuzz Version: 4.3.0 -Release: 2 +Release: 3 Summary: A text shaping engine License: MIT URL: https://harfbuzz.github.io/ Source0: https://github.com/harfbuzz/harfbuzz/releases/download/%{version}/harfbuzz-%{version}.tar.xz Patch0001: backport-CVE-2022-33068.patch +Patch0002: backport-CVE-2023-25193.patch BuildRequires: gcc-c++ freetype-devel cairo-devel glib2-devel graphite2-devel BuildRequires: gtk-doc libicu-devel gobject-introspection-devel make @@ -70,6 +71,9 @@ make check %{_datadir}/gtk-doc/html/harfbuzz/* %changelog +* Wed Feb 15 2023 zhouwenpei - 4.3.0-3 +- fix CVE-2023-25193 + * Thu Jul 14 2022 zhouwenpei - 4.3.0-2 - fix CVE-2022-33068