diff --git a/backport-CVE-2025-49847.patch b/backport-CVE-2025-49847.patch
new file mode 100644
index 0000000000000000000000000000000000000000..f5835a9710c6c4d04704e60d4938081b63f37e27
--- /dev/null
+++ b/backport-CVE-2025-49847.patch
@@ -0,0 +1,45 @@
+From e6d21d901a0e5aabd08a41d8000c5f4cd80c8b0f Mon Sep 17 00:00:00 2001
+From: Guy Goldenberg
+Date: Fri, 13 Jun 2025 19:20:25 +0300
+Subject: [PATCH] Merge commit from fork
+
+* vocab : prevent integer overflow during load
+
+* Add static cast and GGML_ABORT
+
+---------
+
+Co-authored-by: Georgi Gerganov
+---
+ src/llama-vocab.cpp | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/llama-vocab.cpp b/src/llama-vocab.cpp
+index 8c9aaf5..6974a33 100644
+--- a/src/llama-vocab.cpp
++++ b/src/llama-vocab.cpp
+@@ -11,6 +11,9 @@
+ #include
+ #include
+ #include
++#include
++#include
++#include
+
+ //
+ // helpers
+@@ -1785,6 +1788,10 @@ int32_t llama_token_to_piece_impl(const struct llama_vocab & vocab, llama_token
+ // copy piece chars to output text buffer
+ // skip up to 'lstrip' leading spaces before copying
+ auto _try_copy = [=] (const char * token, size_t size) -> int32_t {
++ if (size >= static_cast(std::numeric_limits::max())) {
++ GGML_ABORT("invalid token size: %zu exceeds int32_t limit", size);
++ }
++
+ for (int32_t i = 0; i < lstrip && size && *token == ' '; ++i) {
+ token++;
+ size--;
+--
+2.43.0
+
+
diff --git a/llama.cpp.spec b/llama.cpp.spec
index 300a9b0cfe60f6d097b6048ba0b867de40c06b91..5d3691bfa6e1bd7471113029f338075f59e62dce 100644
--- a/llama.cpp.spec
+++ b/llama.cpp.spec
@@ -3,13 +3,15 @@
 Name: llama.cpp
 Version: 20241210
-Release: 1
+Release: 2
 License: MIT
 Summary: Port of English lagre model LLaMA implemented based on C/C++
 URL: https://github.com/ggerganov/llama.cpp
 Source0: https://github.com/ggerganov/llama.cpp/archive/refs/tags/%{llama_commitid}.tar.gz
+Patch001: backport-CVE-2025-49847.patch
+
 BuildRequires: gcc,gcc-c++,cmake
 %description
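Review bot: The new guard at the top of `_try_copy` stops the process with `GGML_ABORT` when a token's text reaches the int32_t limit, so a model file carrying such a token still takes down whatever program embeds the library; the overflow is closed, but the outcome for an untrusted model is a crash rather than a rejected load. The subject line says "during load", yet the check runs each time a token is converted to text; the vocab loader is outside this hunk, and validating token text lengths there would let the load fail with an ordinary error before any output buffer is involved. At minimum I would record the reasoning above the check, e.g. `// size comes from model data; it is narrowed to int32_t further down, so refuse anything that would not fit`. The rest of the lambda lies outside the hunk, so the narrowing itself is inferred from the abort message rather than visible here.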
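Review bot: `Patch001` is declared in this hunk but nothing visible applies it; `%prep` lies outside the hunk, and unless it uses `%autosetup -p1` or an explicit `%patch -P 1 -p1`, release 20241210-2 would be built from unpatched source while the changelog says CVE-2025-49847 is fixed. Since the fix is a backport onto the 20241210 tarball, it is also worth confirming in the build log that the patch applies cleanly, without fuzz or offset warnings, before the update is published.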
@@ -53,6 +55,9 @@ it can be used for model dialogue based on local laptops.
 %{_exec_prefix}/lib/pkgconfig/llama.pc
 %changelog
+* Wed Jul 2 2025 PshySimon - 20241210-2
+- fix CVE-2025-49847
+
 * Tue Dec 10 2024 misaka00251 - 20241210-1
 - Upgrade to 20241210
 - Split headers into devel package