diff --git a/fix-caps-parameter-cannot-be-parsed.patch b/fix-caps-parameter-cannot-be-parsed.patch
index 1881b90e09964688bf095ef86e442aea451ed63b..0ffab3a61971e017f4f03d37e7053abf1b4e2cc4 100644
--- a/fix-caps-parameter-cannot-be-parsed.patch
+++ b/fix-caps-parameter-cannot-be-parsed.patch
@@ -4,24 +4,29 @@ Date: Fri, 19 Aug 2022 12:05:11 +0800
 Subject: [PATCH] fix caps parameter cannot be parsed
 
 Signed-off-by: shenxiangwei <shenxiangwei1@huawei.com>
+Signed-off-by: xuce <xuce10@h-parnters.com>
+
 ---
- src/evmctl.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
+ src/evmctl.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
 
 diff --git a/src/evmctl.c b/src/evmctl.c
-index 28f4b8d..6ef2f68 100644
+index a47a65b..a433eed 100644
 --- a/src/evmctl.c
 +++ b/src/evmctl.c
-@@ -440,13 +440,13 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+@@ -440,13 +440,15 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
  		} else if (!strcmp(*xattrname, XATTR_NAME_CAPS) && (hmac_flags & HMAC_FLAG_CAPS_SET)) {
  			if (!caps_str)
  				continue;
 -			err = strlen(caps_str);
-+			hex2bin(xattr_value, caps_str, strlen(caps_str) >> 1);
 +			err = strlen(caps_str) >> 1;
  			if (err >= sizeof(xattr_value)) {
  				log_err("caps[%u] value is too long to fit into xattr[%zu]\n",
- 					err + 1, sizeof(xattr_value));
+-					err + 1, sizeof(xattr_value));
++					err, sizeof(xattr_value));
++				return -1;
++			}
++			if (hex2bin(xattr_value, caps_str, strlen(caps_str) >> 1)) {
  				return -1;
  			}
 -			strcpy(xattr_value, caps_str);
@@ -29,5 +34,5 @@ index 28f4b8d..6ef2f68 100644
  			err = lgetxattr(file, *xattrname, xattr_value, sizeof(xattr_value));
  			if (err < 0) {
 -- 
-2.27.0
+2.43.0
 
diff --git a/ima-evm-utils.spec b/ima-evm-utils.spec
index 2e7c4d8203b6746fea51cf0aacf61d46f165bf2c..9a66c1caf55e409e5d4bec698f6fbe391d705fa3 100644
--- a/ima-evm-utils.spec
+++ b/ima-evm-utils.spec
@@ -1,6 +1,6 @@
 Name:         ima-evm-utils
 Version:      1.3.2
-Release:      9
+Release:      10
 Summary:      IMA/EVM control utilities
 License:      GPLv2
 URL:          http://linux-ima.sourceforge.net/
@@ -80,6 +80,9 @@ make check
 %endif
 
 %changelog
+* Tue Dec 09 2025 Linux_zhang <zhangruifang@h-partners.com> - 1.3.2-10
+- fix the stack overflow vulnerability
+
 * Mon Feb 6 2023 gaoyusong <gaoyusong2@huawei.com> - 1.3.2-9
 - fix i686 build issue