diff --git a/.gitignore b/.gitignore
index 118799f..57c1470 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-libseccomp-2.5.3.tar.gz
+libseccomp-2.5.6.tar.gz
diff --git a/fix-murmur-hash-strict-aliasing-violation.patch b/fix-murmur-hash-strict-aliasing-violation.patch
new file mode 100644
index 0000000..f32557d
--- /dev/null
+++ b/fix-murmur-hash-strict-aliasing-violation.patch
@@ -0,0 +1,86 @@
+From b7d0f04e63c460638eeca970ba3bb784733e2e2e Mon Sep 17 00:00:00 2001
+From: Romain Geissler <romain.geissler@amadeus.com>
+Date: Tue, 18 Feb 2025 22:29:05 +0000
+Subject: [PATCH] Fix strict aliasing UB in MurMur hash implementation.
+
+This was spotted when trying to upgrade the libseccomp fedora package to
+version 2.6.0 in fedora rawhide. It comes with gcc 15 and LTO enabled by
+default. When running the test 61-sim-transactions we get plenty of such
+errors in valgrind:
+
+==265507== Use of uninitialised value of size 8
+==265507==    at 0x4096AD: _hsh_add (gen_bpf.c:599)
+==265507==    by 0x40A557: UnknownInlinedFun (gen_bpf.c:2016)
+==265507==    by 0x40A557: gen_bpf_generate (gen_bpf.c:2341)
+==265507==    by 0x400CDE: UnknownInlinedFun (db.c:2685)
+==265507==    by 0x400CDE: UnknownInlinedFun (db.c:2682)
+==265507==    by 0x400CDE: UnknownInlinedFun (api.c:756)
+==265507==    by 0x400CDE: UnknownInlinedFun (util.c:162)
+==265507==    by 0x400CDE: UnknownInlinedFun (util.c:153)
+==265507==    by 0x400CDE: main (61-sim-transactions.c:128)
+==265507==  Uninitialised value was created by a stack allocation
+==265507==    at 0x409590: _hsh_add (gen_bpf.c:573)
+
+Investigating this a bit, it seems that because of LTO the MurMur hash
+implementation is being inlined in _hsh_add. The two buffers data and
+blocks to point at the same underlying data, but via incompatible type,
+which is a strict aliasing violation. Instead, remove the getblock32
+function and inline the copy with memcpy.
+
+This is reproducible on a "fedora:rawhide" container (gcc 15) and using:
+export CFLAGS='-O2 -flto=auto -ffat-lto-objects -g'
+
+Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
+---
+ src/hash.c | 12 +++---------
+ 1 file changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/src/hash.c b/src/hash.c
+index 4435900f..01ff9399 100644
+--- a/src/hash.c
++++ b/src/hash.c
+@@ -12,15 +12,11 @@
+  */
+ 
+ #include <stdlib.h>
++#include <string.h>
+ #include <inttypes.h>
+ 
+ #include "hash.h"
+ 
+-static inline uint32_t getblock32(const uint32_t *p, int i)
+-{
+-	return p[i];
+-}
+-
+ static inline uint32_t rotl32(uint32_t x, int8_t r)
+ {
+ 	return (x << r) | (x >> (32 - r));
+@@ -41,7 +37,6 @@ static inline uint32_t fmix32(uint32_t h)
+ uint32_t hash(const void *key, size_t length)
+ {
+ 	const uint8_t *data = (const uint8_t *)key;
+-	const uint32_t *blocks;
+ 	const uint8_t *tail;
+ 	const int nblocks = length / 4;
+ 	const uint32_t c1 = 0xcc9e2d51;
+@@ -54,9 +49,8 @@ uint32_t hash(const void *key, size_t length)
+ 	uint32_t h1 = 0;
+ 
+ 	/* body */
+-	blocks = (const uint32_t *)(data + nblocks * 4);
+ 	for(i = -nblocks; i; i++) {
+-		k1 = getblock32(blocks, i);
++		memcpy(&k1, data + (nblocks + i) * sizeof(uint32_t), sizeof(uint32_t));
+ 
+ 		k1 *= c1;
+ 		k1 = rotl32(k1, 15);
+@@ -68,7 +62,7 @@ uint32_t hash(const void *key, size_t length)
+ 	}
+ 
+ 	/* tail */
+-	tail = (const uint8_t *)(data + nblocks * 4);
++	tail = data + nblocks * sizeof(uint32_t);
+ 	switch(length & 3) {
+ 	case 3:
+ 		k2 ^= tail[2] << 16;
diff --git a/libseccomp.spec b/libseccomp.spec
index c175fd9..7a6589c 100644
--- a/libseccomp.spec
+++ b/libseccomp.spec
@@ -1,11 +1,16 @@
 Name:           libseccomp
-Version:        2.5.3
-Release:        10%{?dist}
+Version:        2.5.6
+Release:        1%{?dist}
 Summary:        Enhanced seccomp library
 License:        LGPL-2.1-only
 URL:            https://github.com/seccomp/libseccomp
 Source0:        %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz
 
+# Backports from upstream
+
+# From https://github.com/seccomp/libseccomp/pull/459
+Patch0101:      fix-murmur-hash-strict-aliasing-violation.patch
+
 BuildRequires:  gcc
 BuildRequires:  gperf
 BuildRequires:  make
@@ -83,6 +88,10 @@ rm -f %{buildroot}/%{_libdir}/libseccomp.la
 %{_libdir}/libseccomp.a
 
 %changelog
+* Tue Feb 18 2025 Romain Geissler <romain.geissler@amadeus.com> - 2.5.6-1
+- Upgrade to version 2.5.6.
+  Resolves: RHEL-80090
+
 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.5.3-10
 - Bump release for October 2024 mass rebuild:
   Resolves: RHEL-64018
diff --git a/sources b/sources
index 4616327..5306885 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (libseccomp-2.5.3.tar.gz) = 00170fe2360f0c0b33293dccfcc33e98fabb99619f34ecefbcc92bfdaa249ba91e7433226545b842b71542a3b224b6e980ea2ae656c4addf07e84a0def1870a0
+SHA512 (libseccomp-2.5.6.tar.gz) = c35d8d6f80ee38a96688955932c6bf369101409a470ecf0dc550013b19f57311be907a600adc4d2f4699fb8e94e8038333b4f5702edc3c26b14c36fb6e1c42fd