diff --git a/NEWS b/NEWS
index 0da61aeb3fb..ed4d89aec3f 100644
--- a/NEWS
+++ b/NEWS
@@ -33,6 +33,10 @@ PHP                                                                        NEWS
 - JSON:
   . Fixed bug GH-15168 (stack overflow in json_encode()). (nielsdos)
 
+- GD:
+  . Fixed bug 16232 (bitshift overflow on wbmp file content reading /
+    fix backport from upstream). (David Carlier)
+
 - LDAP:
   . Fixed bug GH-16032 (Various NULL pointer dereferencements in
     ldap_modify_batch()). (Girgias)
diff --git a/ext/gd/libgd/wbmp.c b/ext/gd/libgd/wbmp.c
index 4c3eeee7df8..dbca0f0178c 100644
--- a/ext/gd/libgd/wbmp.c
+++ b/ext/gd/libgd/wbmp.c
@@ -37,7 +37,8 @@
 int
 getmbi (int (*getin) (void *in), void *in)
 {
-  int i, mbi = 0;
+  unsigned int mbi = 0;
+  int i;
 
   do
     {
diff --git a/ext/gd/tests/gh16232.phpt b/ext/gd/tests/gh16232.phpt
new file mode 100644
index 00000000000..7f839d737bb
--- /dev/null
+++ b/ext/gd/tests/gh16232.phpt
@@ -0,0 +1,27 @@
+--TEST--
+GH-16232 (Overflow on reading wbmp content)
+--EXTENSIONS--
+gd
+--FILE--
+<?php
+$good_webp = __DIR__ . '/src.wbmp';
+$bad_webp = __DIR__ . "/gh16232.webp";
+copy($good_webp, $bad_webp);
+var_dump(imagecreatefromwbmp($bad_webp));
+$data = file_get_contents($bad_webp);
+$data[3] = chr(-1);
+file_put_contents($bad_webp, $data);
+var_dump(imagecreatefromwbmp($bad_webp));
+$data[3] = chr(1000);
+file_put_contents($bad_webp, $data);
+var_dump(imagecreatefromwbmp($bad_webp));
+unlink($bad_webp);
+--EXPECTF--
+object(GdImage)#1 (0) {
+}
+
+Warning: imagecreatefromwbmp(): "%s" is not a valid WBMP file in %s on line %d
+bool(false)
+
+Warning: imagecreatefromwbmp(): "%s" is not a valid WBMP file in %s on line %d
+bool(false)