diff --git a/backport-preproc-fix-heap-memory-overflow-CVE-2023-31722.patch b/backport-preproc-fix-heap-memory-overflow-CVE-2023-31722.patch
new file mode 100644
index 0000000000000000000000000000000000000000..1c3b63f27be02dd826e607026e87896328a2f96d
--- /dev/null
+++ b/backport-preproc-fix-heap-memory-overflow-CVE-2023-31722.patch
@@ -0,0 +1,49 @@
+From e39b856bdeec852e9b078dd9b7cad74caee618b4 Mon Sep 17 00:00:00 2001
+From: hongjinghao
+Date: Tue, 5 Sep 2023 20:28:26 +0800
+Subject: [PATCH] preproc: fix heap memory overflow CVE-2023-31722
+
+paramlen has heap memory of length nparam+1. The value of variable i
+may be greater than nparam+1, causing heap memory overflow. Therefore,
+i and nparam+1 needs to be determined in the loop.
+
+Fixes: https://bugzilla.nasm.us/show_bug.cgi?id=3392857#c1
+Fixes: https://github.com/netwide-assembler/nasm/pull/83
+Signed-off-by: H. Peter Anvin (Intel)
+---
+ asm/preproc.c | 2 +-
+ nasmlib/alloc.c | 4 +++-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/asm/preproc.c b/asm/preproc.c
+index 22b7f72f..c82b570c 100644
+--- a/asm/preproc.c
++++ b/asm/preproc.c
+@@ -7245,7 +7245,7 @@ static int expand_mmacro(Token * tline)
+ */
+ nasm_newn(paramlen, nparam+1);
+
+- for (i = 1; (t = params[i]); i++) {
++ for (i = 1; i < nparam+1 && (t = params[i]); i++) {
+ bool braced = false;
+ int brace = 0;
+ int white = 0;
+diff --git a/nasmlib/alloc.c b/nasmlib/alloc.c
+index 32e181e7..b77d4821 100644
+--- a/nasmlib/alloc.c
++++ b/nasmlib/alloc.c
+@@ -74,8 +74,10 @@ void *nasm_realloc(void *q, size_t size)
+
+ void nasm_free(void *q)
+ {
+- if (q)
++ if (q){
+ free(q);
++ q = NULL;
++ }
+ }
+
+ char *nasm_strdup(const char *s)
+--
+2.43.0
+
diff --git a/nasm.spec b/nasm.spec
index b4ea0d249b7c73880eddc901b2a7c32ec9932117..34cd40e4f382fb30be57d941c1cfef4ff10140d3 100644
--- a/nasm.spec
+++ b/nasm.spec
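Review bot: The `q = NULL;` added to `nasm_free` in the embedded nasmlib/alloc.c hunk only overwrites the by-value parameter, so it never clears the caller's pointer and adds no protection against a later double free or use-after-free; it is dead code that compilers report as a set-but-unused parameter, and the `if (q)` guard around it is itself redundant because `free(NULL)` is a no-op, so the body could simply be `free(q);` (or the alloc.c part could be left out of the backport, since the CVE fix is the loop bound in asm/preproc.c). The `if (q){` spacing also departs from the surrounding `if (q) {` style. The preproc.c change is consistent with the `nasm_newn(paramlen, nparam+1)` allocation visible two lines above it — indices 1..nparam stay in bounds — though `i <= nparam` states that intent more directly, and a short comment such as `/* paramlen has nparam+1 entries; params[] may hold more */` would tell the next reader why the extra bound exists, since the new condition silently stops the walk rather than reporting the count mismatch the commit message describes. Both enclosing functions, expand_mmacro and nasm_free, extend beyond the embedded hunks.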
@@ -8,7 +8,7 @@ Name: nasm
 Version: 2.16.01
-Release: 1
+Release: 2
 Summary: The Netwide Assembler, a portable x86 assembler with Intel-like syntax
 License: BSD-2-Clause
 URL: http://www.nasm.us
@@ -17,6 +17,7 @@ Source1: http://www.nasm.us/pub/nasm/releasebuilds/%{version}/%{name}-%{version
 Patch6000: enable-make-check.patch
 Patch6001: fix-help-info-error.patch
+Patch6002: backport-preproc-fix-heap-memory-overflow-CVE-2023-31722.patch
 BuildRequires: perl(Env) autoconf asciidoc xmlto gcc make git automake
 Obsoletes: nasm-rdoff < 2.16.01-1
@@ -77,6 +78,9 @@ make test
 %{_mandir}/man1/ndisasm*
 %changelog
+* Wed Nov 05 2025 Linux_zhang - 2.16.01-2
+- Fix CVE-2023-31722
+
 * Thu May 18 2023 liyanan - 2.16.01-1
 - update to 2.16.01