diff --git a/backport-CVE-2024-4141.patch b/backport-CVE-2024-4141.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a0ebb04e0be0c16f8b0cd6a90fead02172163776
--- /dev/null
+++ b/backport-CVE-2024-4141.patch
@@ -0,0 +1,36 @@
+From 54e89f45560a3e73e172061a5551cf56b049256d Mon Sep 17 00:00:00 2001
+From: lingsheng
+Date: Tue, 24 Sep 2024 11:34:58 +0000
+Subject: [PATCH] fix CVE-2024-4141
+
+Origin:https://bugzilla.suse.com/show_bug.cgi?id=1223375#c3
+---
+ fofi/FoFiType1.cc | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/fofi/FoFiType1.cc b/fofi/FoFiType1.cc
+index a4d82f2..dbb502c 100644
+--- a/fofi/FoFiType1.cc
++++ b/fofi/FoFiType1.cc
+@@ -212,7 +212,8 @@ void FoFiType1::parse() {
+ char *line, *line1, *firstLine, *p, *p2;
+ char buf[256];
+ char c;
+- int n, code, base, i, j;
++ unsigned int code;
++ int n, base, i, j;
+ char *tokptr;
+ bool gotMatrix, continueLine;
+
+@@ -304,7 +305,7 @@ void FoFiType1::parse() {
+ }
+ ++p;
+ for (p2 = p; *p2 && *p2 != ' ' && *p2 != '\t'; ++p2) ;
+- if (code >= 0 && code < 256) {
++ if (code < 256) {
+ c = *p2;
+ *p2 = '\0';
+ gfree(encoding[code]);
+--
+2.33.0
+
diff --git a/poppler.spec b/poppler.spec
index ea56144303e612771f7d93d12183a2015623ffa0..8cf18638238a0a374b6fdaec495b55dc63c2558e 100644
--- a/poppler.spec
+++ b/poppler.spec
@@ -4,7 +4,7 @@ Summary: PDF rendering library
 Name: poppler
 Version: 0.90.0
-Release: 8
+Release: 9
 License: (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
 URL: http://poppler.freedesktop.org/
 Source0: http://poppler.freedesktop.org/poppler-%{version}.tar.xz
@@ -24,6 +24,7 @@ Patch6006: backport-CVE-2022-37052.patch
 Patch6007: backport-CVE-2022-38349.patch
 Patch6008: backport-CVE-2020-36023.patch
 Patch6009: backport-CVE-2024-6239.patch
+Patch6010: backport-CVE-2024-4141.patch
 BuildRequires: cmake
 BuildRequires: gcc-c++
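Review bot: The `unsigned int code;` declaration that backport-CVE-2024-4141.patch adds to `FoFiType1::parse()` carries the whole fix but has no comment saying why the type matters, so a later cleanup could fold it back into the `int` list and leave `if (code < 256)` with no lower bound before `gfree(encoding[code])`. I would add `// keep unsigned: an out-of-range character code must fail the < 256 check rather than index encoding[] with a negative value` above the declaration. The loop that accumulates `code` lies outside both hunks, so presumably the intent is that an oversized value wraps instead of overflowing a signed int; the remaining uses of `code` in parse() should be checked for comparisons or sentinels that assumed a signed type. The Subject line and the Origin link (a Bugzilla comment) do not name an upstream commit, and adding one would make the backport easier to audit.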
@@ -223,6 +224,12 @@ test "$(pkg-config --modversion poppler-splash)" = "%{version}"
 %{_mandir}/man1/*
 %changelog
+* Wed Sep 25 2024 lingsheng - 0.90.0-9
+- Type:CVE
+- CVE:CVE-2024-4141
+- SUG:NA
+- DESC:fix CVE-2024-4141
+
 * Tue Jun 25 2024 lingsheng - 0.90.0-8
 - Type:CVE
 - CVE:CVE-2024-6239