diff --git a/CVE-2024-24577.patch b/CVE-2024-24577.patch
new file mode 100644
index 0000000..ea3ff2b
--- /dev/null
+++ b/CVE-2024-24577.patch
@@ -0,0 +1,20 @@
+Index: b/read-cache.c
+===================================================================
+--- a/read-cache.c
++++ b/read-cache.c
+@@ -1158,10 +1158,13 @@ static int has_dir_name(struct index_sta
+ size_t len;
+
+ for (;;) {
+- if (*--slash == '/')
+- break;
++ slash--;
++
+ if (slash <= ce->name)
+ return retval;
++
++ if (*slash == '/')
++ break;
+ }
+ len = slash - name;
+
diff --git a/git.changes b/git.changes
index a42ebca..e3c7d91 100644
--- a/git.changes
+++ b/git.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Jul 18 17:38:04 UTC 2024 - Antonio Teixeira
+
+- Add CVE-2024-24577.patch
+ * CVE-2024-24577: arbitrary code execution due to heap corruption
+ in git_index_add (boo#1219660)
+
 -------------------------------------------------------------------
 Fri May 31 22:57:33 UTC 2024 - Matej Cepl
 
diff --git a/git.spec b/git.spec
index 0fa6d30..c7acb54 100644
--- a/git.spec
+++ b/git.spec
@@ -68,6 +68,8 @@ Patch4: git-prevent_xss-default.diff
 Patch6: git-tcsh-completion-fixes.diff
 Patch8: git-asciidoc.patch
 Patch10: setup-don-t-fail-if-commondir-reference-is-deleted.patch
+# PATCH-FIX-OPENSUSE CVE-2024-24577.patch boo#1219660 antonio.teixeira@suse.com
+Patch11: CVE-2024-24577.patch
 BuildRequires: fdupes
 BuildRequires: gpg2
 BuildRequires: libcurl-devel
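Review bot: The reordered inner loop in `has_dir_name` carries no comment saying why the bound test must now come before the dereference, so the invariant it protects (the loop never breaks with `slash` at the start of `ce->name`, which presumably keeps `len = slash - name` from being 0) is easy to undo in a later cleanup; I would add `/* test the bound before reading *slash: a name starting with '/' must return here, not break with len == 0 */` above `slash--;`. The new patch file also has no header recording where it came from, and the changelog describes the flaw as being in `git_index_add`, an identifier that does not appear in this hunk and reads like a library API rather than something in read-cache.c, so it is worth citing the upstream commit or advisory in the patch header and confirming that this code path is the affected one. `slash--` can still form a pointer one before `ce->name` if `slash` starts at the beginning of the name; the initialisation of `slash` is outside the hunk, so this only matters if an empty name can reach the function. has_dir_name starts and ends outside the hunk.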