diff --git a/0003-Fix-the-CVE-2022-45907.patch b/0003-Fix-the-CVE-2022-45907.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ba13bac1b8dc74c22577bada9224f341c7cadc4c
--- /dev/null
+++ b/0003-Fix-the-CVE-2022-45907.patch
@@ -0,0 +1,88 @@
+From ee3318c33a09ac702255ffdc0fb770cd9c1a0327 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E6=9D=8E=E7=92=90?= <lilu@kylinos.cn>
+Date: Fri, 19 Apr 2024 15:27:39 +0800
+Subject: [PATCH] Fix the CVE-2022-45907
+
+---
+ pytorch-1.6.0/test/test_jit.py                       |  8 ++++++++
+ .../torch/csrc/jit/frontend/script_type_parser.cpp   |  2 +-
+ pytorch-1.6.0/torch/jit/annotations.py               | 12 ++++++++++--
+ 3 files changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/pytorch-1.6.0/test/test_jit.py b/pytorch-1.6.0/test/test_jit.py
+index 5a9b7235..a72ce200 100644
+--- a/pytorch-1.6.0/test/test_jit.py
++++ b/pytorch-1.6.0/test/test_jit.py
+@@ -3211,6 +3211,14 @@ def foo(x):
+                 return a + 2
+             torch.jit.script(invalid4)
+ 
++    def test_calls_in_type_annotations(self):
++        with self.assertRaisesRegex(RuntimeError, "Type annotation should not contain calls"):
++            def spooky(a):
++                # type: print("Hello") -> Tensor # noqa: F723
++                return a + 2
++            print(torch.__file__)
++            torch.jit.annotations.get_signature(spooky, None, 1, True)
++
+     def test_is_optional(self):
+         ann = Union[List[int], List[float]]
+         torch._jit_internal.is_optional(ann)
+diff --git a/pytorch-1.6.0/torch/csrc/jit/frontend/script_type_parser.cpp b/pytorch-1.6.0/torch/csrc/jit/frontend/script_type_parser.cpp
+index 0ecc394a..4e47016e 100644
+--- a/pytorch-1.6.0/torch/csrc/jit/frontend/script_type_parser.cpp
++++ b/pytorch-1.6.0/torch/csrc/jit/frontend/script_type_parser.cpp
+@@ -229,7 +229,7 @@ std::vector<IValue> ScriptTypeParser::evaluateDefaults(
+   // We then run constant prop on this graph and check the results are
+   // constant. This approach avoids having to have separate handling of
+   // default arguments from standard expressions by piecing together existing
+-  // machinery for graph generation, constant propgation, and constant
++  // machinery for graph generation, constant propagation, and constant
+   // extraction.
+   auto tuple_type = Subscript::create(
+       r,
+diff --git a/pytorch-1.6.0/torch/jit/annotations.py b/pytorch-1.6.0/torch/jit/annotations.py
+index 97dd39ee..e3590d81 100644
+--- a/pytorch-1.6.0/torch/jit/annotations.py
++++ b/pytorch-1.6.0/torch/jit/annotations.py
+@@ -1,4 +1,5 @@
+ import ast
++import dis
+ import inspect
+ import re
+ import torch
+@@ -128,6 +129,13 @@ def check_fn(fn, loc):
+     if len(py_ast.body) != 1 or not isinstance(py_ast.body[0], ast.FunctionDef):
+         raise torch.jit.frontend.FrontendError(loc, "Expected a single top-level function")
+ 
++def _eval_no_call(stmt, glob, loc):
++    """Evaluate statement as long as it does not contain any method/function calls"""
++    bytecode = compile(stmt, "", mode="eval")
++    for insn in dis.get_instructions(bytecode):
++        if "CALL" in insn.opname:
++            raise RuntimeError(f"Type annotation should not contain calls, but '{stmt}' does")
++    return eval(bytecode, glob, loc)  # type: ignore[arg-type] # noqa: P204
+ 
+ def parse_type_line(type_line, rcb, loc):
+     """Parses a type annotation specified as a comment.
+@@ -139,7 +147,7 @@ def parse_type_line(type_line, rcb, loc):
+     arg_ann_str, ret_ann_str = split_type_line(type_line)
+ 
+     try:
+-        arg_ann = eval(arg_ann_str, {}, EvalEnv(rcb))  # noqa: P204
++        arg_ann = _eval_no_call(arg_ann_str, {}, EvalEnv(rcb))
+     except (NameError, SyntaxError) as e:
+         raise RuntimeError("Failed to parse the argument list of a type annotation: {}".format(str(e)))
+ 
+@@ -147,7 +155,7 @@ def parse_type_line(type_line, rcb, loc):
+         arg_ann = (arg_ann,)
+ 
+     try:
+-        ret_ann = eval(ret_ann_str, {}, EvalEnv(rcb))  # noqa: P204
++        ret_ann = _eval_no_call(ret_ann_str, {}, EvalEnv(rcb))
+     except (NameError, SyntaxError) as e:
+         raise RuntimeError("Failed to parse the return type of a type annotation: {}".format(str(e)))
+ 
+-- 
+2.27.0
+
diff --git a/pytorch.spec b/pytorch.spec
index 8ddeac8057c039213a9defa1d4a1a66363280d0e..b48fbd560ec1e376feac4356c99c5e2dd105b634 100644
--- a/pytorch.spec
+++ b/pytorch.spec
@@ -1,7 +1,7 @@
 %global _empty_manifest_terminate_build 0
 Name:		pytorch
 Version:	1.6.0
-Release:	4
+Release:	5
 Summary:	Tensors and Dynamic neural networks in Python with strong GPU acceleration
 License:	BSD-3
 URL:		https://pytorch.org/
@@ -10,6 +10,7 @@ Source0:	pytorch-%{version}-include-submodules.tar.bz2
 
 Patch0001:	0001-Fix-illegal-opcode-bug-in-caffe2-40584.patch
 Patch0002:	0002-disable-SVE-for-v1.6.0-due-to-sleef-build-error.patch
+Patch0003:	0003-Fix-the-CVE-2022-45907.patch
 
 BuildRequires:  g++
 Requires:	python3-future
@@ -87,6 +88,9 @@ mv %{buildroot}/doclist.lst .
 %{_docdir}/*
 
 %changelog
+* Fri Apr 19 2024 lilu <lilu@kylinos.cn> - 1.6.0-5
+- fixes the CVE-2022-45907
+
 * Mon Dec 26 2022 wangdongxing <dxwangk@isoftstone.com> - 1.6.0-4
 - fixes: error: add build requires make for compile local