diff --git a/backport-0001-CVE-2024-24806.patch b/backport-0001-CVE-2024-24806.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ff3ea15e96e9e33191ba6b3ff98bc98735eabcb2
--- /dev/null
+++ b/backport-0001-CVE-2024-24806.patch
@@ -0,0 +1,52 @@
+From 0f2d7e784a256b54b2385043438848047bc2a629 Mon Sep 17 00:00:00 2001
+From: Ben Noordhuis <info@bnoordhuis.nl>
+Date: Thu, 18 Jan 2024 14:51:40 +0100
+Subject: [PATCH] fix: always zero-terminate idna output
+
+Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
+---
+ src/idna.c       | 5 +++--
+ test/test-idna.c | 4 ++++
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/idna.c b/src/idna.c
+index b44cb16..645165c 100644
+--- a/src/idna.c
++++ b/src/idna.c
+@@ -307,8 +307,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
+       return rc;
+   }
+ 
+-  if (d < de)
+-    *d++ = '\0';
++  if (d >= de)
++    return UV_EINVAL;
+ 
++  *d++ = '\0';
+   return d - ds;  /* Number of bytes written. */
+ }
+diff --git a/test/test-idna.c b/test/test-idna.c
+index f4fad96..d079be5 100644
+--- a/test/test-idna.c
++++ b/test/test-idna.c
+@@ -99,6 +99,7 @@ TEST_IMPL(utf8_decode1) {
+ TEST_IMPL(utf8_decode1_overrun) {
+   const char* p;
+   char b[1];
++  char c[1];
+ 
+   /* Single byte. */
+   p = b;
+@@ -112,6 +113,9 @@ TEST_IMPL(utf8_decode1_overrun) {
+   ASSERT_EQ((unsigned) -1, uv__utf8_decode1(&p, b + 1));
+   ASSERT_EQ(p, b + 1);
+ 
++  b[0] = 0x7F;
++  ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 1, c, c + 1));
++
+   return 0;
+ }
+ 
+-- 
+2.41.0
+
diff --git a/backport-0002-CVE-2024-24806.patch b/backport-0002-CVE-2024-24806.patch
new file mode 100644
index 0000000000000000000000000000000000000000..fc37c90928bc66a264fead4647c0b613de123d1b
--- /dev/null
+++ b/backport-0002-CVE-2024-24806.patch
@@ -0,0 +1,40 @@
+From 3530bcc30350d4a6ccf35d2f7b33e23292b9de70 Mon Sep 17 00:00:00 2001
+From: Ben Noordhuis <info@bnoordhuis.nl>
+Date: Thu, 18 Jan 2024 14:52:38 +0100
+Subject: [PATCH] fix: reject zero-length idna inputs
+
+Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
+---
+ src/idna.c       | 3 +++
+ test/test-idna.c | 1 +
+ 2 files changed, 4 insertions(+)
+
+diff --git a/src/idna.c b/src/idna.c
+index 645165c..abbfe87 100644
+--- a/src/idna.c
++++ b/src/idna.c
+@@ -273,6 +273,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
+   char* ds;
+   int rc;
+ 
++  if (s == se)
++    return UV_EINVAL;
++
+   ds = d;
+ 
+   si = s;
+diff --git a/test/test-idna.c b/test/test-idna.c
+index d079be5..d59b521 100644
+--- a/test/test-idna.c
++++ b/test/test-idna.c
+@@ -114,6 +114,7 @@ TEST_IMPL(utf8_decode1_overrun) {
+   ASSERT_EQ(p, b + 1);
+ 
+   b[0] = 0x7F;
++  ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 0, c, c + 1));
+   ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 1, c, c + 1));
+ 
+   return 0;
+-- 
+2.41.0
+
diff --git a/backport-0003-CVE-2024-24806.patch b/backport-0003-CVE-2024-24806.patch
new file mode 100644
index 0000000000000000000000000000000000000000..29849776eb3fb083e4fde33dd56627a06e5d977e
--- /dev/null
+++ b/backport-0003-CVE-2024-24806.patch
@@ -0,0 +1,27 @@
+From e0327e1d508b8207c9150b6e582f0adf26213c39 Mon Sep 17 00:00:00 2001
+From: Santiago Gimeno <santiago.gimeno@gmail.com>
+Date: Wed, 7 Feb 2024 20:27:58 +0100
+Subject: [PATCH] test: empty strings are not valid IDNA
+
+Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
+---
+ test/test-idna.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/test-idna.c b/test/test-idna.c
+index d59b521..37da38d 100644
+--- a/test/test-idna.c
++++ b/test/test-idna.c
+@@ -150,8 +150,8 @@ TEST_IMPL(idna_toascii) {
+   /* Illegal inputs. */
+   F("\xC0\x80\xC1\x80", UV_EINVAL);  /* Overlong UTF-8 sequence. */
+   F("\xC0\x80\xC1\x80.com", UV_EINVAL);  /* Overlong UTF-8 sequence. */
++  F("", UV_EINVAL);
+   /* No conversion. */
+-  T("", "");
+   T(".", ".");
+   T(".com", ".com");
+   T("example", "example");
+-- 
+2.41.0
+
diff --git a/libuv.spec b/libuv.spec
index d40d5c9e596469ab6dd02a1b466bbb0ecff2207c..4d9a730bc79aeb43472f9f71bf38c2ed8417004b 100644
--- a/libuv.spec
+++ b/libuv.spec
@@ -1,7 +1,7 @@
 Name:           libuv
 Epoch:          1
 Version:        1.42.0
-Release:        7
+Release:        8
 Summary:        A multi-platform support library with a focus on asynchronous I/O
 
 # from README.md
@@ -12,6 +12,9 @@ Source0:        http://dist.libuv.org/dist/v%{version}/%{name}-v%{version}.tar.g
 Patch1:         backport-Skip-some-tests.patch
 Patch2:         libuv-Add-sw64-architecture.patch
 Patch3:         0001-test-fix-typo-in-test-tty-escape-sequence-processing.patch
+Patch6000:      backport-0001-CVE-2024-24806.patch
+Patch6001:      backport-0002-CVE-2024-24806.patch
+Patch6002:      backport-0003-CVE-2024-24806.patch
 
 BuildRequires:  autoconf automake libtool gcc make
 
@@ -65,6 +68,9 @@ make check
 %doc ChangeLog
 
 %changelog
+* Sun Feb 18 2024 shixuantong <shixuantong1@huawei.com> - 1:1.42.0-8
+- fix CVE-2024-24806
+
 * Mon Apr 24 2023 shixuantong <shixuantong1@huawei.com> - 1:1.42.0-7
 - fix Obsoletes in spec and remove ldconfig_scriptlets from check