diff --git a/0004-rar-Fix-double-free-with-over-4-billion-nodes-2598.patch b/0004-rar-Fix-double-free-with-over-4-billion-nodes-2598.patch
new file mode 100644
index 0000000..f90b601
--- /dev/null
+++ b/0004-rar-Fix-double-free-with-over-4-billion-nodes-2598.patch
@@ -0,0 +1,42 @@
+From 09685126fcec664e2b8ca595e1fc371bd494d209 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
+Date: Sun, 11 May 2025 02:17:19 +0200
+Subject: [PATCH] rar: Fix double free with over 4 billion nodes (#2598)
+
+If a system is capable of handling 4 billion nodes in memory, a double
+free could occur because of an unsigned integer overflow leading to a
+realloc call with size argument of 0. Eventually, the client will
+release that memory again, triggering a double free.
+
+Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+---
+ libarchive/archive_read_support_format_rar.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
+index 542532dd..197469b9 100644
+--- a/libarchive/archive_read_support_format_rar.c
++++ b/libarchive/archive_read_support_format_rar.c
+@@ -335,8 +335,8 @@ struct rar
+   int found_first_header;
+   char has_endarc_header;
+   struct data_block_offsets *dbo;
+-  unsigned int cursor;
+-  unsigned int nodes;
++  size_t cursor;
++  size_t nodes;
+   char filename_must_match;
+ 
+   /* LZSS members */
+@@ -1192,7 +1192,7 @@ archive_read_format_rar_seek_data(struct archive_read *a, int64_t offset,
+     int whence)
+ {
+   int64_t client_offset, ret;
+-  unsigned int i;
++  size_t i;
+   struct rar *rar = (struct rar *)(a->format->data);
+ 
+   if (rar->compression_method == COMPRESS_METHOD_STORE)
+-- 
+2.50.1
+
diff --git a/libarchive.spec b/libarchive.spec
index 67af324..0551ed0 100644
--- a/libarchive.spec
+++ b/libarchive.spec
@@ -2,7 +2,7 @@
 
 Name:           libarchive
 Version:        3.7.7
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        A library for handling streaming archive formats
 
 # Licenses:
@@ -48,6 +48,8 @@ Patch0001: 0001-Drop-rmd160-from-OpenSSL.patch
 Patch0002: 0002-Handle-truncation-in-the-middle-of-a-GNU-long-linkna.patch
 # Source: https://github.com/libarchive/libarchive/commit/c9bc934e7e91d302e0feca6e713ccc38d6d01532
 Patch0003: 0003-Fix-CVE-2025-25724.patch
+# Source: https://github.com/libarchive/libarchive/commit/09685126fcec664e2b8ca595e1fc371bd494d209
+Patch0004: 0004-rar-Fix-double-free-with-over-4-billion-nodes-2598.patch
 
 %description
 Libarchive is a programming library that can create and read several different
@@ -246,6 +248,9 @@ run_testsuite
 
 
 %changelog
+* Wed Aug 13 2025 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.7-4
+- Resolves: CVE-2025-5914
+
 * Fri Jun 06 2025 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.7-3
 - Resolves: CVE-2025-25724