diff --git a/0006-extensions-recent-New-kernels-support-999-hits.patch b/0006-extensions-recent-New-kernels-support-999-hits.patch
new file mode 100644
index 0000000..f9fa8f8
--- /dev/null
+++ b/0006-extensions-recent-New-kernels-support-999-hits.patch
@@ -0,0 +1,39 @@
+From 9dbd643945ba560e7fbb7aa2d4711bf14dd3452d Mon Sep 17 00:00:00 2001
+From: Phil Sutter
+Date: Sat, 21 Sep 2024 02:04:54 +0200
+Subject: [PATCH] extensions: recent: New kernels support 999 hits
+
+JIRA: https://issues.redhat.com/browse/RHEL-34919
+Upstream Status: iptables commit d859b91e6f3ed055c22ee7b984b481c5b518d9e1
+
+commit d859b91e6f3ed055c22ee7b984b481c5b518d9e1
+Author: Phil Sutter
+Date: Sat Jul 20 02:23:28 2024 +0200
+
+ extensions: recent: New kernels support 999 hits
+
+ Since kernel commit f4ebd03496f6 ("netfilter: xt_recent: Lift
+ restrictions on max hitcount value"), the max supported hitcount value
+ has increased significantly. Adjust the test to use a value which fails
+ on old as well as new kernels.
+
+ Signed-off-by: Phil Sutter
+
+Signed-off-by: Phil Sutter
+---
+ extensions/libxt_recent.t | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/extensions/libxt_recent.t b/extensions/libxt_recent.t
+index cf23aab..3b0dd9f 100644
+--- a/extensions/libxt_recent.t
++++ b/extensions/libxt_recent.t
+@@ -4,7 +4,7 @@
+ -m recent --rcheck --hitcount 12 --name foo --mask 255.255.255.255 --rsource;=;OK
+ -m recent --update --rttl;-m recent --update --rttl --name DEFAULT --mask 255.255.255.255 --rsource;OK
+ -m recent --set --rttl;;FAIL
+--m recent --rcheck --hitcount 999 --name foo --mask 255.255.255.255 --rsource;;FAIL
++-m recent --rcheck --hitcount 65536 --name foo --mask 255.255.255.255 --rsource;;FAIL
+ # nonsensical, but all should load successfully:
+ -m recent --rcheck --hitcount 3 --name foo --mask 255.255.255.255 --rsource -m recent --rcheck --hitcount 4 --name foo --mask 255.255.255.255 --rsource;=;OK
+ -m recent --rcheck --hitcount 4 --name foo --mask 255.255.255.255 --rsource -m recent --rcheck --hitcount 4 --name foo --mask 255.255.255.255 --rsource;=;OK
diff --git a/iptables.spec b/iptables.spec
index 100b2ee..946ba56 100644
--- a/iptables.spec
+++ b/iptables.spec
@@ -1,5 +1,5 @@ %define iptables_rpmversion 1.8.10 -%define iptables_specrelease 12 +%define iptables_specrelease 13 # install init scripts to /usr/libexec with systemd %global script_path %{_libexecdir}/iptables
@@ -38,6 +38,7 @@ Patch2: 0002-extensions-SECMARK-Use-a-better-context-in-test-case.pa Patch3: 0003-ebtables-Fix-corner-case-noflush-restore-bug.patch Patch4: 0004-nft-Fix-for-broken-recover_rule_compat.patch Patch5: 0005-extensions-libxt_sctp-Add-an-extra-assert.patch +Patch6: 0006-extensions-recent-New-kernels-support-999-hits.patch # pf.os: ISC license # iptables-apply: Artistic Licence 2.0
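Review bot: The new boundary in the `--hitcount 65536 ... ;;FAIL` line of the embedded libxt_recent.t hunk is an unexplained magic number; the reason for choosing it exists only in the commit message. The test file already uses `#` comments, so a line above the case such as `# 65536 must be rejected by old and new kernels alike (limit raised by kernel commit f4ebd03496f6)` would stop a later backport from "correcting" the value. The number is presumably one past a 16-bit maximum, but nothing on this page states the new kernel limit, so confirm it against the kernel commit. The case also pins only rejection: rules that use `--hitcount` for rate limiting and used to fail to load with values like 999 will now load on newer kernels, and that cannot be asserted here because the same line must still fail on old kernels.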
@@ -472,6 +473,9 @@ fi %ghost %{_mandir}/man8/ebtables{,-translate}.8.gz %changelog +* Sat Sep 21 2024 Phil Sutter [1.8.10-13.el10] +- extensions: recent: New kernels support 999 hits (Phil Sutter) [RHEL-34919] + * Fri Sep 20 2024 Phil Sutter [1.8.10-12.el10] - Bump release for beta (Phil Sutter)