diff --git a/tiff-CVE-2022-3970.patch b/tiff-CVE-2022-3970.patch
new file mode 100644
index 0000000..7e29e61
--- /dev/null
+++ b/tiff-CVE-2022-3970.patch
@@ -0,0 +1,24 @@
+Index: tiff-4.4.0/libtiff/tif_getimage.c
+===================================================================
+--- tiff-4.4.0.orig/libtiff/tif_getimage.c
++++ tiff-4.4.0/libtiff/tif_getimage.c
+@@ -3058,15 +3058,15 @@ TIFFReadRGBATileExt(TIFF* tif, uint32_t
+         return( ok );
+ 
+     for( i_row = 0; i_row < read_ysize; i_row++ ) {
+-        memmove( raster + (tile_ysize - i_row - 1) * tile_xsize,
+-                 raster + (read_ysize - i_row - 1) * read_xsize,
++        memmove( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
++                 raster + (size_t)(read_ysize - i_row - 1) * read_xsize,
+                  read_xsize * sizeof(uint32_t) );
+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize+read_xsize,
++        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize+read_xsize,
+                      0, sizeof(uint32_t) * (tile_xsize - read_xsize) );
+     }
+ 
+     for( i_row = read_ysize; i_row < tile_ysize; i_row++ ) {
+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize,
++        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
+                      0, sizeof(uint32_t) * tile_xsize );
+     }
+ 
diff --git a/tiff.changes b/tiff.changes
index 50ad81b..432678c 100644
--- a/tiff.changes
+++ b/tiff.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Nov 14 11:54:03 UTC 2022 - Michael Vetter <mvetter@suse.com>
+
+- security update:
+  * CVE-2022-3970 [bsc#1205392]
+    + tiff-CVE-2022-3970.patch
+
 -------------------------------------------------------------------
 Sun Nov 13 20:42:25 UTC 2022 - Michael Vetter <mvetter@suse.com>
 
diff --git a/tiff.spec b/tiff.spec
index 974921c..2ce6ac0 100644
--- a/tiff.spec
+++ b/tiff.spec
@@ -39,6 +39,7 @@ Patch4:         tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
 Patch5:         tiff-CVE-2022-3597,CVE-2022-3626,CVE-2022-3627.patch
 Patch6:         tiff-CVE-2022-3599.patch
 Patch7:         tiff-CVE-2022-3598.patch
+Patch8:         tiff-CVE-2022-3970.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libjbig-devel
 BuildRequires:  libjpeg-devel
@@ -84,6 +85,7 @@ the libtiff library.
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
 
 %build
 CFLAGS="%{optflags} -fPIE"