diff --git a/INT_MIN-value-must-be-explicitly-checked.patch b/INT_MIN-value-must-be-explicitly-checked.patch
new file mode 100644
index 0000000000000000000000000000000000000000..90bef151f9ed1e1f474b0d222c1e40979c65b68b
--- /dev/null
+++ b/INT_MIN-value-must-be-explicitly-checked.patch
@@ -0,0 +1,43 @@
+From 1f7c148be2cbacf7d50aa461c58b871e87cc5ed9 Mon Sep 17 00:00:00 2001
+From: Oran Agra
+Date: Wed, 2 Oct 2024 19:54:06 +0300
+Subject: [PATCH] Fix lua bit.tohex (CVE-2024-31449)
+
+INT_MIN value must be explicitly checked, and cannot be negated.
+---
+ deps/lua/src/lua_bit.c | 1 +
+ tests/unit/scripting.tcl | 6 ++++++
+ 2 files changed, 7 insertions(+)
+
+diff --git a/deps/lua/src/lua_bit.c b/deps/lua/src/lua_bit.c
+index 690df7d..a459ca9 100644
+--- a/deps/lua/src/lua_bit.c
++++ b/deps/lua/src/lua_bit.c
+@@ -131,6 +131,7 @@ static int bit_tohex(lua_State *L)
+ const char *hexdigits = "0123456789abcdef";
+ char buf[8];
+ int i;
++ if (n == INT32_MIN) n = INT32_MIN+1;
+ if (n < 0) { n = -n; hexdigits = "0123456789ABCDEF"; }
+ if (n > 8) n = 8;
+ for (i = (int)n; --i >= 0; ) { buf[i] = hexdigits[b & 15]; b >>= 4; }
+diff --git a/tests/unit/scripting.tcl b/tests/unit/scripting.tcl
+index 99f249a..2d7d7af 100644
+--- a/tests/unit/scripting.tcl
++++ b/tests/unit/scripting.tcl
+@@ -392,6 +392,12 @@ start_server {tags {"scripting"}} {
+ set e
+ } {ERR*Attempt to modify a readonly table*}
+ 
++ test {lua bit.tohex bug} {
++ set res [r eval {return bit.tohex(65535, -2147483648)} 0]
++ r ping
++ set res
++ } {0000FFFF}
++
+ test {Test an example script DECR_IF_GT} {
+ set decr_if_gt {
+ local current
+--
+2.27.0
+
diff --git a/redis6.spec b/redis6.spec
index b291431bca9e2af36b91bdbb627f9ac8e25f213c..a358b1ef2544ec552a722664f937576fa6f1f7dc 100644
--- a/redis6.spec
+++ b/redis6.spec
@@ -6,7 +6,7 @@
 %global Pname redis
 Name: redis6
 Version: 6.2.7
-Release: 3
+Release: 4
 Summary: A persistent key-value database
 License: BSD and MIT
 URL: https://redis.io
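Review bot: The added guard `if (n == INT32_MIN) n = INT32_MIN+1;` in the embedded lua_bit.c hunk is correct only by way of the two lines below it (`n = -n` and then `if (n > 8) n = 8;`), and nothing in the hunk says so, so a maintainer reading the backport cannot tell why INT32_MIN+1 rather than any other value was chosen. I would add a comment above the guard: `/* -INT32_MIN is signed overflow; the replacement only has to stay negative here and exceed 8 after negation, i.e. "8 uppercase digits" like every other n <= -8 */`. An equally safe but self-explanatory form is `if (n < -8) n = -8;` in place of the INT32_MIN comparison, since every n below -8 is clamped to 8 digits by the following lines anyway. bit_tohex's declarations of n and b and its final use of buf and n are outside the hunk (the function starts before the `@@` line), so the type of n and where the unchecked length was consumed are inferred from upstream rather than visible here. The companion Tcl test pins the 8-uppercase-digit result and pings the server afterwards, which is the right shape for a regression test of a server-side fault.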
@@ -23,6 +23,7 @@ Patch0001: Modify-aarch64-architecture-jemalloc-page-size-from-from-4k
 Patch0003: Add-loongarch64-support.patch
 Patch0004: Update-config.guess-and-config.sub.patch
+Patch0005: INT_MIN-value-must-be-explicitly-checked.patch
 Patch0002: fix-help-info.patch
 BuildRequires: make gcc
@@ -91,6 +92,7 @@ tar -xvf %{SOURCE10}
 %patch0003 -p1
 %patch0004 -p1
 %endif
+%patch0005 -p1
 mv ../%{Pname}-doc-%{doc_commit} doc
 mv deps/lua/COPYRIGHT COPYRIGHT-lua
 mv deps/jemalloc/COPYING COPYING-jemalloc
@@ -219,6 +221,9 @@ fi
 %{_docdir}/%{Pname}
 %changelog
+* Thu Oct 10 2024 zhangyaqi - 6.2.7-4
+- Fix CVE-2024-31449
+
 * Wed Apr 10 2024 jiangxinyu - 6.2.7-3
 - add Conflicts with redis and redis5