diff --git a/src/wp-admin/includes/file.php b/src/wp-admin/includes/file.php
index b00752e..14f0588 100644
--- a/src/wp-admin/includes/file.php
+++ b/src/wp-admin/includes/file.php
@@ -824,6 +824,27 @@ function _wp_handle_upload( &$file, $overrides, $time, $action ) {
 		return call_user_func_array( $upload_error_handler, array( &$file, $uploads['error'] ) );
 	}
 
+	$name = wp_basename( $file['name'], ".$ext" );
+	if ( preg_match( "/-\d+x\d+(?=\.{$ext}\$)/", $file['name'] ) ) {
+		// Always append `-\d+` to file names that can potentially match other subsize file names.
+		$i = 1;
+		while ( is_file( "{$uploads['path']}/$name-$i.$ext" ) ) {
+			$i++;
+		}
+		$file['name'] = "$name-$i.$ext";
+	}
+	else {
+		// prevent filename collisions with original filenames that contained dimension-like strings
+		// uploaded prior to patch #xxx
+		$collisions = glob( "{$uploads['path']}/$name-[0123456789]x[0123456789].$ext" );
+		$i = 1;
+		while ( ! empty( $collisions ) ) {
+			$collisions = glob( "{$uploads['path']}/$name-$i-[0123456789]x[0123456789].$ext" );
+			$i++;
+		}
+		$file['name'] = "$name-$i.$ext";
+	}
+
 	$filename = wp_unique_filename( $uploads['path'], $file['name'], $unique_filename_callback );
 
 	// Move the file to the uploads dir.