diff --git a/ffmpeg-4-CVE-2024-7055.patch b/ffmpeg-4-CVE-2024-7055.patch
new file mode 100644
index 0000000..3bf12aa
--- /dev/null
+++ b/ffmpeg-4-CVE-2024-7055.patch
@@ -0,0 +1,29 @@
+From 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer
+Date: Thu, 18 Jul 2024 21:12:54 +0200
+Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check
+References: CVE-2024-7055
+References: bsc#1229026
+Upstream: Backport from upstream
+
+Fixes: out of array read
+Fixes: poc3
+
+Reported-by: VulDB CNA Team
+Found-by: CookedMelon
+Signed-off-by: Michael Niedermayer
+---
+ libavcodec/pnmdec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- ffmpeg-4.4.4/libavcodec/pnmdec.c
++++ ffmpeg-4.4.4_new/libavcodec/pnmdec.c
+@@ -256,7 +256,7 @@
+ }
+ break;
+ case AV_PIX_FMT_GBRPF32:
+- if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream)
++ if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream)
+ return AVERROR_INVALIDDATA;
+ scale = 1.f / s->scale;
+ if (s->endian) {
diff --git a/ffmpeg-4.changes b/ffmpeg-4.changes
index 4bb592a..8c69dad 100644
--- a/ffmpeg-4.changes
+++ b/ffmpeg-4.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Fri Sep 6 15:06:21 UTC 2024 - Cliff Zhao
+
+- Add ffmpeg-4-CVE-2024-7055.patch:
+ Backporting 3faadbe2 from upstream, Use 64bit for input size check,
+ Fixes: out of array read, Fixes: poc3.
+ (CVE-2024-7055, bsc#1229026)
+
 -------------------------------------------------------------------
 Wed Aug 28 10:42:38 UTC 2024 - Jan Engelhardt
 
@@ -22,7 +30,7 @@ Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao
 
 - Add ffmpeg-CVE-2023-50010.patch:
 Backporting e4d2666b from upstream, fixes the out of array access.
- (CVE-2023-50010 bsc#1223256)
+ (CVE-2023-a50010, bsc#1223256)
 
 -------------------------------------------------------------------
 Fri Apr 26 22:16:48 UTC 2024 - Jan Engelhardt
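Review bot: In the pnmdec.c change carried by ffmpeg-4-CVE-2024-7055.patch, the `12LL` suffix widens only the last multiplication; `avctx->width * avctx->height` is still evaluated in `int` first, so the check is sound only if the dimensions were bounded earlier such that this product cannot overflow, which the hunk does not show. Writing the wide operand first, `if (12LL * avctx->width * avctx->height > s->bytestream_end - s->bytestream)`, would remove that dependency; since the patch header marks this as an upstream backport, a short comment in that header recording the assumption may be preferable to diverging from upstream. The enclosing decoder function starts and ends outside the hunk. Separately, the ffmpeg-4.changes hunk at `-22,7` rewrites the older entry as `(CVE-2023-a50010, bsc#1223256)`; the `a` looks like a typo for `CVE-2023-50010` and would keep that entry from matching a search of the changelog for the CVE id.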
@@ -35,7 +43,7 @@ Thu Apr 23 16:14:18 UTC 2024 - Cliff Zhao - Add ffmpeg-CVE-2023-51793.patch: Backporting 0ecc1f0e from upstream, Fix odd height handling. - (CVE-2023-51793 bsc#1223272) + (CVE-2023-51793, bsc#1223272) ------------------------------------------------------------------- Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao @@ -43,7 +51,7 @@ Thu Apr 23 15:35:32 UTC 2024 - Cliff Zhao - Add ffmpeg-CVE-2023-49502.patch: Backporting 737ede40 from upstream, account for chroma sub-sampling in min size calculation. - (CVE-2023-49502 bsc#1223235) + (CVE-2023-49502, bsc#1223235) ------------------------------------------------------------------- Tue Apr 23 14:25:53 UTC 2024 - Jan Engelhardt diff --git a/ffmpeg-4.spec b/ffmpeg-4.spec index f7bbaca..f65735d 100644 --- a/ffmpeg-4.spec +++ b/ffmpeg-4.spec @@ -134,6 +134,7 @@ Patch20: ffmpeg-CVE-2023-50010.patch Patch21: ffmpeg-4-CVE-2024-32230.patch Patch22: ffmpeg-c99.patch Patch23: 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch +Patch24: ffmpeg-4-CVE-2024-7055.patch BuildRequires: ladspa-devel BuildRequires: libgsm-devel BuildRequires: libmp3lame-devel
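Review bot: The ffmpeg-4.spec hunk only declares `Patch24: ffmpeg-4-CVE-2024-7055.patch`; nothing visible here shows the patch being applied in `%prep`. If the spec applies patches automatically (for example with `%autosetup -p1`), the declaration is enough, but if it lists `%patch` entries one by one, a matching entry for 24 is needed, otherwise the changelog would claim CVE-2024-7055 fixed while pnmdec.c is built unpatched. The `%prep` section is outside the hunk, so this is worth confirming, together with the strip level matching the `ffmpeg-4.4.4/` and `ffmpeg-4.4.4_new/` path prefixes used inside the patch.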