diff --git a/SOURCES/CVE-2023-25193-Limit_how_far_we_skip_when_looking_back.patch b/SOURCES/CVE-2023-25193-Limit_how_far_we_skip_when_looking_back.patch
new file mode 100644
index 0000000..5d4af58
--- /dev/null
+++ b/SOURCES/CVE-2023-25193-Limit_how_far_we_skip_when_looking_back.patch
@@ -0,0 +1,20 @@
+diff -urN harfbuzz-1.7.5.old/src/hb-ot-layout-gsubgpos-private.hh harfbuzz-1.7.5/src/hb-ot-layout-gsubgpos-private.hh
+--- harfbuzz-1.7.5.old/src/hb-ot-layout-gsubgpos-private.hh 2018-01-27 07:43:07.000000000 +0530
++++ harfbuzz-1.7.5/src/hb-ot-layout-gsubgpos-private.hh 2023-09-25 12:18:00.277228938 +0530
+@@ -368,7 +368,15 @@
+ inline bool prev (void)
+ {
+ assert (num_items > 0);
+- while (idx >= num_items)
++ unsigned stop = num_items - 1;
++
++ /* When looking back, limit how far we search; this function is mostly
++ * used for looking back for base glyphs when attaching marks. If we
++ * don't limit, we can get O(n^2) behavior where n is the number of
++ * consecutive marks. */
++ stop = (unsigned) ((int) stop >= (int) idx - HB_MAX_CONTEXT_LENGTH ? stop : (int) idx - HB_MAX_CONTEXT_LENGTH);
++
++ while (idx > stop)
+ {
+ idx--;
+ const hb_glyph_info_t &info = c->buffer->out_info[idx];
diff --git a/SPECS/harfbuzz.spec b/SPECS/harfbuzz.spec
index 8b58020..caeedbf 100644
--- a/SPECS/harfbuzz.spec
+++ b/SPECS/harfbuzz.spec
@@ -1,12 +1,15 @@
 Name: harfbuzz
 Version: 1.7.5
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: Text shaping library
 
 License: MIT
 URL: http://freedesktop.org/wiki/Software/HarfBuzz
 Source0: http://www.freedesktop.org/software/harfbuzz/release/harfbuzz-%{version}.tar.bz2
 
+# https://github.com/harfbuzz/harfbuzz/issues/4147#issuecomment-1707674277
+Patch1: CVE-2023-25193-Limit_how_far_we_skip_when_looking_back.patch
+
 BuildRequires: cairo-devel
 BuildRequires: freetype-devel
 BuildRequires: glib2-devel
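Review bot: The clamp on the `++ stop = (unsigned) ((int) stop >= (int) idx - HB_MAX_CONTEXT_LENGTH ? stop : ...)` line is a hand-expanded max that evaluates `(int) idx - HB_MAX_CONTEXT_LENGTH` twice and buries the intent; a named limit is easier to read and to check: `int lookback_limit = (int) idx - HB_MAX_CONTEXT_LENGTH;` followed by `if ((int) stop < lookback_limit) stop = (unsigned) lookback_limit;`. This assumes HB_MAX_CONTEXT_LENGTH is defined elsewhere in the tree as a plain signed constant (it is not visible in the hunk); were it an unsigned expression the subtraction would wrap and the bound would be wrong, so that definition is worth a glance when applying the backport. The change is also a behaviour change and not only a complexity bound: when the walk reaches the limit without finding its target, prev() falls through to whatever failure return follows the hunk, so a mark whose base lies more than HB_MAX_CONTEXT_LENGTH positions back is no longer attached — stating that in the patch header or changelog would help, since the backport ships no test pinning either the bound or that case. prev() continues past the end of the hunk.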
@@ -36,8 +39,9 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
 This package contains Harfbuzz ICU support library.
 
 %prep
-%autosetup
-
+%autosetup -p1
+# rpminspect complained about invalid unicode characters like 0x202B and 0x202C
+rm -f test/shaping/texts/in-house/shaper-arabic/script-arabic/language-persian/mehran.txt
 
 %build
 %configure --disable-static --with-graphite2
@@ -81,6 +85,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
 %{_libdir}/libharfbuzz-icu.so.*
 
 %changelog
+* Mon Sep 25 2023 Parag Nemade - 1.7.5-4
+- Resolves:RHEL-8400 allows attackers to trigger O(n^2) growth via consecutive marks
+
 * Mon Feb 19 2018 Parag Nemade - 1.7.5-3
 - Add BuildRequires: gcc-c++ as per packaging guidelines
 - Used %%autosetup
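Review bot: The `rm -f test/shaping/texts/.../mehran.txt` added to %prep deletes shaping test data to quiet rpminspect, but U+202B and U+202C are bidirectional embedding controls that are ordinary content in a Persian text sample rather than a code-injection concern, so removing the fixture loses coverage without fixing anything. If %check (outside this hunk) runs the in-house shaping tests and a test list still references that file, the missing input will either fail the run or silently drop that case; that should be confirmed before the build is shipped. An exclusion for that path in the package's rpminspect configuration (its unicode inspection, if that is what raised the finding) would keep the fixture intact, and the comment should say what was actually flagged, e.g. `# rpminspect flags the bidi controls U+202B/U+202C that are legitimately present in this Persian shaping sample`.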