diff --git a/backport-Fixed-segfault-if-regex-studies-list-allocation-fails.patch b/backport-Fixed-segfault-if-regex-studies-list-allocation-fails.patch
new file mode 100644
index 0000000000000000000000000000000000000000..f5c0b160978bdcc89bcae92e494ab3d64dad40a6
--- /dev/null
+++ b/backport-Fixed-segfault-if-regex-studies-list-allocation-fails.patch
@@ -0,0 +1,34 @@
+From 25c546ac37ba622b93c1a7075bd7eb447bac17b2 Mon Sep 17 00:00:00 2001
+From: Maxim Dounin
+Date: Tue, 18 Apr 2023 06:28:46 +0300
+Subject: [PATCH] Fixed segfault if regex studies list allocation fails.
+
+The rcf->studies list is unconditionally accessed by ngx_regex_cleanup(),
+and this used to cause NULL pointer dereference if allocation
+failed. Fix is to set cleanup handler only when allocation succeeds.
+---
+ src/core/ngx_regex.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/core/ngx_regex.c b/src/core/ngx_regex.c
+index bebf3b6a83e..91381f49942 100644
+--- a/src/core/ngx_regex.c
++++ b/src/core/ngx_regex.c
+@@ -732,14 +732,14 @@ ngx_regex_create_conf(ngx_cycle_t *cycle)
+ return NULL;
+ }
+
+- cln->handler = ngx_regex_cleanup;
+- cln->data = rcf;
+-
+ rcf->studies = ngx_list_create(cycle->pool, 8, sizeof(ngx_regex_elt_t));
+ if (rcf->studies == NULL) {
+ return NULL;
+ }
+
++ cln->handler = ngx_regex_cleanup;
++ cln->data = rcf;
++
+ ngx_regex_studies = rcf->studies;
+
+ return rcf;
diff --git a/nginx.spec b/nginx.spec
index 78785408c92984999ee99b60e781d469a4de1cfd..6a22d2153cfdd81b7458af2b7c9ac99591f2573b 100644
--- a/nginx.spec
+++ b/nginx.spec
@@ -17,7 +17,7 @@
 Name: nginx
 Epoch: 1
 Version: 1.24.0
-Release: 3
+Release: 4
 Summary: A HTTP server, reverse proxy and mail proxy server
 License: BSD
 URL: http://nginx.org/
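Review bot: In the backported ngx_regex.c hunk, nothing at the relocated `cln->handler = ngx_regex_cleanup;` assignment records that its position after the `rcf->studies` NULL check is what prevents the NULL dereference, so a later reordering could silently reintroduce it. I would add a comment above it, e.g. `/* register the handler only once rcf->studies exists: ngx_regex_cleanup() reads it unconditionally */`. On the allocation-failure return the cleanup entry obtained earlier stays in the pool with no handler assigned; this presumably relies on pool destruction skipping entries whose handler is unset, which is worth confirming against the packaged 1.24.0 sources. ngx_regex_create_conf() begins and ends outside the hunk.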
@@ -43,6 +43,7 @@ Patch3: backport-CVE-2023-44487.patch # https://nginx.org/download/patch.2024.mp4.txt Patch4: backport-CVE-2024-7347.patch Patch5: backport-CVE-2025-23419.patch +Patch6: backport-Fixed-segfault-if-regex-studies-list-allocation-fails.patch BuildRequires: gcc openssl-devel pcre2-devel zlib-devel systemd gperftools-devel Requires: nginx-filesystem = %{epoch}:%{version}-%{release} openssl @@ -390,6 +391,9 @@ fi %{_mandir}/man8/nginx.8* %changelog +* Wed Apr 02 2025 gaihuiying - 1:1.24.0-4 +- backport upstreams to fix possible segfault + * Thu Feb 06 2025 gaihuiying - 1:1.24.0-3 - fix CVE-2025-23419