diff --git a/CVE-2025-9817.patch b/CVE-2025-9817.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7e55990f9366c76d4cbcefd25983ad8fd7c5ce3f
--- /dev/null
+++ b/CVE-2025-9817.patch
@@ -0,0 +1,35 @@
+From d3db4696f7286b669a04ebfa49a0c5811a1da63f Mon Sep 17 00:00:00 2001
+From: John Thacker <johnthacker@gmail.com>
+Date: Sat, 26 Jul 2025 11:48:36 +0000
+Subject: [PATCH] ssh: Add a null check
+
+Fix #20642
+
+
+(cherry picked from commit 39daba5e247ea495f88b0be82f0b7ebbdbf50fba)
+
+Co-authored-by: John Thacker <johnthacker@gmail.com>
+
+Origin: https://gitlab.com/wireshark/wireshark/-/commit/d3db4696f7286b669a04ebfa49a0c5811a1da63f
+---
+ epan/dissectors/packet-ssh.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/epan/dissectors/packet-ssh.c b/epan/dissectors/packet-ssh.c
+index 11c6b597f2b..be0b8e71c9d 100644
+--- a/epan/dissectors/packet-ssh.c
++++ b/epan/dissectors/packet-ssh.c
+@@ -2456,6 +2456,10 @@ ssh_kex_shared_secret(int kex_type, ssh_bignum *pub, ssh_bignum *priv, ssh_bignu
+     }
+ 
+     if(kex_type==SSH_KEX_DH_GEX){
++        if (modulo == NULL) {
++            ws_debug("Missing group modulo");
++            return NULL;
++        }
+         gcry_mpi_t b = NULL;
+         gcry_mpi_scan(&b, GCRYMPI_FMT_USG, pub->data, pub->length, NULL);
+         gcry_mpi_t d = NULL, e = NULL, m = NULL;
+-- 
+GitLab
+
diff --git a/wireshark.spec b/wireshark.spec
index 2ff499cca809446ef4f0fd9adf0c898fe15396b9..0036ff9705ada7f9f12074bf2f95a3a94681beaf 100644
--- a/wireshark.spec
+++ b/wireshark.spec
@@ -3,7 +3,7 @@
 Summary:	Network traffic analyzer
 Name:		wireshark
 Version:	4.4.7
-Release:	2
+Release:	3
 Epoch:		1
 License:	BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause AND MIT AND GPL-2.0-or-later AND LGPL-2.0-or-later AND Zlib AND ISC AND (BSD-3-Clause OR GPL-2.0-only) AND (GPL-2.0-or-later AND Zlib)
 Url:		https://www.wireshark.org/
@@ -19,6 +19,7 @@ Patch5:         wireshark-0005-Fix-paths-in-a-wireshark.desktop-file.patch
 Patch6:         wireshark-0006-Move-tmp-to-var-tmp.patch
 Patch7:         wireshark-0007-cmakelists.patch
 Patch8:         wireshark-0008-pkgconfig.patch
+Patch9:         CVE-2025-9817.patch
 
 Requires:	xdg-utils
 Requires:	hicolor-icon-theme
@@ -199,6 +200,9 @@ fi
 %{_mandir}/man?/*
 
 %changelog
+* Wed Sep 03 2025 yaoxin <1024769339@qq.com> - 1:4.4.7-3
+- Fix CVE-2025-9817
+
 * Thu Jun 19 2025 wangkai <13474090681@163.com> - 1:4.4.7-2
 - Fix build error caused by undefined cmake macro