diff --git a/libaom-CVE-2024-5171.patch b/libaom-CVE-2024-5171.patch
new file mode 100644
index 0000000..f5b9edb
--- /dev/null
+++ b/libaom-CVE-2024-5171.patch
@@ -0,0 +1,56 @@
+diff --git a/aom/src/aom_image.c b/aom/src/aom_image.c
+index 3b1c33d..b68dc4c 100644
+--- a/aom/src/aom_image.c
++++ b/aom/src/aom_image.c
+ 
+@@ -36,8 +36,7 @@
+ /* NOTE: In this function, bit_depth is either 8 or 16 (if
+ * AOM_IMG_FMT_HIGHBITDEPTH is set), never 10 or 12.
+ */
+- unsigned int h, w, s, xcs, ycs, bps, bit_depth;
+- unsigned int stride_in_bytes;
++ unsigned int h, w, xcs, ycs, bps, bit_depth;
+ 
+ if (img != NULL) memset(img, 0, sizeof(aom_image_t));
+ 
+@@ -108,9 +107,11 @@
+ w = align_image_dimension(d_w, xcs, size_align);
+ h = align_image_dimension(d_h, ycs, size_align);
+ 
+- s = (fmt & AOM_IMG_FMT_PLANAR) ? w : bps * w / bit_depth;
++ uint64_t s = (fmt & AOM_IMG_FMT_PLANAR) ? w : (uint64_t)bps * w / bit_depth;
+ s = (s + 2 * border + stride_align - 1) & ~(stride_align - 1);
+- stride_in_bytes = s * bit_depth / 8;
++ s = s * bit_depth / 8;
++ if (s > INT_MAX) goto fail;
++ const int stride_in_bytes = (int)s;
+ 
+ /* Allocate the new image */
+ if (!img) {
+@@ -232,7 +233,7 @@
+ 
+ img->planes[AOM_PLANE_Y] =
+ data + x * bytes_per_sample + y * img->stride[AOM_PLANE_Y];
+- data += (img->h + 2 * border) * img->stride[AOM_PLANE_Y];
++ data += ((size_t)img->h + 2 * border) * img->stride[AOM_PLANE_Y];
+ 
+ unsigned int uv_border_h = border >> img->y_chroma_shift;
+ unsigned int uv_x = x >> img->x_chroma_shift;
+@@ -244,14 +245,14 @@
+ } else if (!(img->fmt & AOM_IMG_FMT_UV_FLIP)) {
+ img->planes[AOM_PLANE_U] =
+ data + uv_x * bytes_per_sample + uv_y * img->stride[AOM_PLANE_U];
+- data += ((img->h >> img->y_chroma_shift) + 2 * uv_border_h) *
++ data += ((size_t)(img->h >> img->y_chroma_shift) + 2 * uv_border_h) *
+ img->stride[AOM_PLANE_U];
+ img->planes[AOM_PLANE_V] =
+ data + uv_x * bytes_per_sample + uv_y * img->stride[AOM_PLANE_V];
+ } else {
+ img->planes[AOM_PLANE_V] =
+ data + uv_x * bytes_per_sample + uv_y * img->stride[AOM_PLANE_V];
+- data += ((img->h >> img->y_chroma_shift) + 2 * uv_border_h) *
++ data += ((size_t)(img->h >> img->y_chroma_shift) + 2 * uv_border_h) *
+ img->stride[AOM_PLANE_V];
+ img->planes[AOM_PLANE_U] =
+ data + uv_x * bytes_per_sample + uv_y * img->stride[AOM_PLANE_U];
+ 
diff --git a/libaom.changes b/libaom.changes
index 9b91371..9c6b54d 100644
--- a/libaom.changes
+++ b/libaom.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Jun 10 12:03:09 UTC 2024 - pgajdos@suse.com
+
+- security update
+- added patches
+ fix CVE-2024-5171 [bsc#1226020], heap buffer overflow in img_alloc_helper() caused by integer overflow
+ + libaom-CVE-2024-5171.patch
+
 -------------------------------------------------------------------
 Tue Dec 5 19:20:33 UTC 2023 - Bjørn Lie
diff --git a/libaom.spec b/libaom.spec
index f7d9c2d..b119a1e 100644
--- a/libaom.spec
+++ b/libaom.spec
@@ -45,6 +45,8 @@ Source99: baselibs.conf
 Patch0: libaom-0001-Do-not-disable-_FORTIFY_SOURCE.patch
 Patch1: system-gtest.patch
 Patch2: system-yuv.patch
+# CVE-2024-5171 [bsc#1226020], heap buffer overflow in img_alloc_helper() caused by integer overflow
+Patch3: libaom-CVE-2024-5171.patch
 BuildRequires: c++_compiler
 BuildRequires: cmake >= 3.6
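Review bot: In the `@@ -108,9 +107,11 @@` hunk of the added patch, the alignment line still computes `2 * border` and the mask `~(stride_align - 1)` in those operands' own types even though `s` is now `uint64_t`. If `border` and `stride_align` are 32-bit unsigned (their declarations are outside the hunk), the mask zero-extends and clears the upper 32 bits of `s`, and `2 * border` can wrap, so a stride that is too large can be reduced before it reaches the new `if (s > INT_MAX) goto fail;` check. Widening both keeps the check meaningful: `s = (s + 2 * (uint64_t)border + stride_align - 1) & ~((uint64_t)stride_align - 1);`. The `(size_t)` casts in the `@@ -232,7 +233,7 @@` and `@@ -244,14 +245,14 @@` hunks leave the same `2 * border` / `2 * uv_border_h` terms narrow and do not help where `size_t` is 32 bits, so it is worth checking whether upstream has follow-up changes to this function that the backport should also carry. The enclosing function starts and ends outside these hunks.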