new file mode 100644
@@ -0,0 +1,44 @@
+From 9c24e8a8e04d4bb6de5198bc40a0bdbd860aded0 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Tue, 23 Apr 2024 16:34:46 +0100
+Subject: [PATCH] Only free the read buffers if we're not using them
+
+If we're part way through processing a record, or the application has
+not released all the records then we should not free our buffer because
+they are still needed.
+
+CVE-2024-4741
+
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24395)
+
+(cherry picked from commit 38690cab18de88198f46478565fab423cf534efa)
+
+Upstream-Status: Backport from [https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac]
+CVE: CVE-2024-4741
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+
+---
+ ssl/record/methods/tls_common.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
+index 08e519a..f46da0f 100644
+--- a/ssl/record/methods/tls_common.c
++++ b/ssl/record/methods/tls_common.c
+@@ -2129,7 +2129,10 @@ int tls_free_buffers(OSSL_RECORD_LAYER *rl)
+ /* Read direction */
+
+ /* If we have pending data to be read then fail */
+- if (rl->curr_rec < rl->num_recs || TLS_BUFFER_get_left(&rl->rbuf) != 0)
++ if (rl->curr_rec < rl->num_recs
++ || rl->curr_rec != rl->num_released
++ || TLS_BUFFER_get_left(&rl->rbuf) != 0
++ || rl->rstate == SSL_ST_READ_BODY)
+ return 0;
+
+ return tls_release_read_buffer(rl);
+--
+2.44.0
+
@@ -15,6 +15,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://bti.patch \
file://CVE-2024-2511.patch \
file://CVE-2024-4603.patch \
+ file://CVE-2024-4741.patch \
"
SRC_URI:append:class-nativesdk = " \