diff --git a/backport-CVE-2024-7347.patch b/backport-CVE-2024-7347.patch
new file mode 100644
index 0000000000000000000000000000000000000000..d4e44c88b0658eb5d4fef32abc49b34ab7ed148c
--- /dev/null
+++ b/backport-CVE-2024-7347.patch
@@ -0,0 +1,43 @@
+diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
+--- a/src/http/modules/ngx_http_mp4_module.c
++++ b/src/http/modules/ngx_http_mp4_module.c
+@@ -3099,7 +3099,8 @@ static ngx_int_t
+ ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4,
+ ngx_http_mp4_trak_t *trak, ngx_uint_t start)
+ {
+- uint32_t start_sample, chunk, samples, id, next_chunk, n,
++ uint64_t n;
++ uint32_t start_sample, chunk, samples, id, next_chunk,
+ prev_samples;
+ ngx_buf_t *data, *buf;
+ ngx_uint_t entries, target_chunk, chunk_samples;
+@@ -3155,12 +3156,19 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4
+
+ next_chunk = ngx_mp4_get_32value(entry->chunk);
+
++ if (next_chunk < chunk) {
++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
++ "unordered mp4 stsc chunks in \"%s\"",
++ mp4->file.name.data);
++ return NGX_ERROR;
++ }
++
+ ngx_log_debug5(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0,
+ "sample:%uD, chunk:%uD, chunks:%uD, "
+ "samples:%uD, id:%uD",
+ start_sample, chunk, next_chunk - chunk, samples, id);
+
+- n = (next_chunk - chunk) * samples;
++ n = (uint64_t) (next_chunk - chunk) * samples;
+
+ if (start_sample < n) {
+ goto found;
+@@ -3182,7 +3190,7 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4
+ "sample:%uD, chunk:%uD, chunks:%uD, samples:%uD",
+ start_sample, chunk, next_chunk - chunk, samples);
+
+- n = (next_chunk - chunk) * samples;
++ n = (uint64_t) (next_chunk - chunk) * samples;
+
+ if (start_sample > n) {
+ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
diff --git a/nginx.spec b/nginx.spec
index 6365a976e1ad7277a0b7164522a051498f164a7c..68b2d535cb0136180c72d9f74b03797b219b11cc 100644
--- a/nginx.spec
+++ b/nginx.spec
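Review bot: In the embedded hunk at -3182,7 of backport-CVE-2024-7347.patch, the subtraction `next_chunk - chunk` is still evaluated in uint32_t before the `(uint64_t)` cast, and unlike the loop hunk at -3155,12 no `next_chunk < chunk` guard is visible ahead of it. If `next_chunk` can be smaller than `chunk` at that point, the difference wraps and the `start_sample > n` test that follows compares against the wrapped value, so the cast alone does not cover that case. The assignment of `next_chunk` for this second computation lies outside the hunk; if it does not already guarantee the ordering, the same guard belongs before that line, `if (next_chunk < chunk) { return NGX_ERROR; }` preceded by the same "unordered mp4 stsc chunks" log call. ngx_http_mp4_crop_stsc_data starts and ends outside the hunks shown, so this should be confirmed against the full function.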
@@ -17,7 +17,7 @@ Name: nginx Epoch: 1 Version: 1.24.0 -Release: 1 +Release: 2 Summary: A HTTP server, reverse proxy and mail proxy server License: BSD URL: http://nginx.org/ @@ -40,6 +40,8 @@ Patch0: nginx-auto-cc-gcc.patch Patch1: nginx-1.12.1-logs-perm.patch Patch2: nginx-fix-pidfile.patch Patch3: backport-CVE-2023-44487.patch +# https://nginx.org/download/patch.2024.mp4.txt +Patch4: backport-CVE-2024-7347.patch BuildRequires: gcc openssl-devel pcre2-devel zlib-devel systemd gperftools-devel Requires: nginx-filesystem = %{epoch}:%{version}-%{release} openssl @@ -387,6 +389,9 @@ fi %{_mandir}/man8/nginx.8* %changelog +* Thu Aug 15 2024 Funda Wang - 1:1.24.0-2 +- fix CVE-2024-7347 + * Tue Jan 02 2024 gaihuiying - 1:1.24.0-1 - update nginx to 1.24.0