diff --git a/.yajl.metadata b/.yajl.metadata
new file mode 100644
index 0000000..79a8fcc
--- /dev/null
+++ b/.yajl.metadata
@@ -0,0 +1 @@
+29ce2b9695ae93e1b0b349a22cea8067f25a9025 yajl-2.1.0.tar.gz
diff --git a/yajl-2.1.0-CVE-2022-24795.patch b/yajl-2.1.0-CVE-2022-24795.patch
new file mode 100644
index 0000000..d27a339
--- /dev/null
+++ b/yajl-2.1.0-CVE-2022-24795.patch
@@ -0,0 +1,38 @@
+From d3a528c788ba9e531fab91db41d3a833c54da325 Mon Sep 17 00:00:00 2001
+From: Jacek Tomasiak <jacek.tomasiak@gmail.com>
+Date: Thu, 12 May 2022 13:02:47 +0200
+Subject: [PATCH] Fix CVE-2022-24795 (from brianmario/yajl-ruby)
+
+The buffer reallocation could cause heap corruption because of `need`
+overflow for large inputs. In addition, there's a possible infinite loop
+in case `need` reaches zero.
+
+The fix is to `abort()` if the loop ends with lower value of `need` than
+when it started.
+---
+ src/yajl_buf.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+Index: yajl-2.1.0/src/yajl_buf.c
+===================================================================
+diff -up yajl-2.1.0/src/yajl_buf.c.CVE-2022-24795 yajl-2.1.0/src/yajl_buf.c
+--- yajl-2.1.0/src/yajl_buf.c.CVE-2022-24795	2024-01-05 14:37:48.291676702 +0100
++++ yajl-2.1.0/src/yajl_buf.c	2024-01-05 14:38:48.088674110 +0100
+@@ -45,7 +45,16 @@ int yajl_buf_ensure_available(yajl_buf b
+ 
+     need = buf->len;
+ 
+-    while (want >= (need - buf->used)) need <<= 1;
++    while (need > 0 && want >= (need - buf->used)) {
++        /* this eventually "overflows" to zero */
++        need <<= 1;
++    }
++
++    /* overflow */
++    if (need < buf->len) {
++        abort();
++    }
++
+     if (need < buf->used) {
+          return -1;
+     }
diff --git a/yajl.spec b/yajl.spec
index 685faf2..19b750d 100644
--- a/yajl.spec
+++ b/yajl.spec
@@ -3,7 +3,7 @@
 
 Name: yajl
 Version: 2.1.0
-Release: 22%{?dist}
+Release: 23%{?dist}
 Summary: Yet Another JSON Library (YAJL)
 
 License: ISC
@@ -26,6 +26,7 @@ Patch4: %{name}-%{version}-dynlink-binaries.patch
 Patch5: https://github.com/containers/yajl/commit/49923ccb2143e36850bcdeb781e2bcdf5ce22f15.patch
 Patch6: https://github.com/openEuler-BaseService/yajl/commit/3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf.patch
 Patch7: https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698.patch
+Patch8: yajl-2.1.0-CVE-2022-24795.patch
 
 BuildRequires:  gcc
 BuildRequires: cmake
@@ -56,6 +57,7 @@ necessary for developing against the YAJL library
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
 
 %build
 # NB, we are not using upstream's 'configure'/'make'
@@ -100,6 +102,10 @@ cd test
 
 
 %changelog
+* Fri Jan 05 2024 Jindrich Novy <jnovy@redhat.com> - 2.1.0-23
+- fix CVE-2022-24795
+- Related: Jira:RHEL-2112
+
 * Wed Jul 12 2023 Jindrich Novy <jnovy@redhat.com> - 2.1.0-22
 - fix CVE-2023-33460
 - Resolves: #2221253