diff --git a/patches.suse/ext4-avoid-allocating-blocks-from-corrupted-group-in.patch b/patches.suse/ext4-avoid-allocating-blocks-from-corrupted-group-in.patch
new file mode 100644
index 0000000..aa98b35
--- /dev/null
+++ b/patches.suse/ext4-avoid-allocating-blocks-from-corrupted-group-in.patch
@@ -0,0 +1,60 @@
+From 4530b3660d396a646aad91a787b6ab37cf604b53 Mon Sep 17 00:00:00 2001
+From: Baokun Li
+Date: Thu, 4 Jan 2024 22:20:38 +0800
+Subject: [PATCH] ext4: avoid allocating blocks from corrupted group in
+ ext4_mb_try_best_found()
+Git-commit: 4530b3660d396a646aad91a787b6ab37cf604b53
+Patch-mainline: v6.8-rc3
+References: bsc#1222618 CVE-2024-26773
+
+Determine if the group block bitmap is corrupted before using ac_b_ex in
+ext4_mb_try_best_found() to avoid allocating blocks from a group with a
+corrupted block bitmap in the following concurrency and making the
+situation worse.
+
+ext4_mb_regular_allocator
+ ext4_lock_group(sb, group)
+ ext4_mb_good_group
+ // check if the group bbitmap is corrupted
+ ext4_mb_complex_scan_group
+ // Scan group gets ac_b_ex but doesn't use it
+ ext4_unlock_group(sb, group)
+ ext4_mark_group_bitmap_corrupted(group)
+ // The block bitmap was corrupted during
+ // the group unlock gap.
+ ext4_mb_try_best_found
+ ext4_lock_group(ac->ac_sb, group)
+ ext4_mb_use_best_found
+ mb_mark_used
+ // Allocating blocks in block bitmap corrupted group
+
+Signed-off-by: Baokun Li
+Reviewed-by: Jan Kara
+Link: https://lore.kernel.org/r/20240104142040.2835097-7-libaokun1@huawei.com
+Signed-off-by: Theodore Ts'o
+Acked-by: Jan Kara
+
+---
+ fs/ext4/mballoc.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/fs/ext4/mballoc.c
++++ b/fs/ext4/mballoc.c
+@@ -1819,6 +1819,9 @@ int ext4_mb_try_best_found(struct ext4_a
+ return err;
+
+ ext4_lock_group(ac->ac_sb, group);
++ if (unlikely(EXT4_MB_GRP_BBITMAP_CORRUPT(e4b->bd_info)))
++ goto out;
++
+ max = mb_find_extent(e4b, ex.fe_start, ex.fe_len, &ex);
+
+ if (max > 0) {
+@@ -1826,6 +1829,7 @@ int ext4_mb_try_best_found(struct ext4_a
+ ext4_mb_use_best_found(ac, e4b);
+ }
+
++out:
+ ext4_unlock_group(ac->ac_sb, group);
+ ext4_mb_unload_buddy(e4b);
+
diff --git a/series.conf b/series.conf
index 3b7f84d..771752d 100644
--- a/series.conf
+++ b/series.conf
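Review bot: The new `EXT4_MB_GRP_BBITMAP_CORRUPT(e4b->bd_info)` test right after `ext4_lock_group(ac->ac_sb, group)` has no comment, so the reason it must be re-evaluated under the group lock is recorded only in the commit message. A short comment above the check would keep the race rationale with the code, for example `/* The bitmap may have been marked corrupt while the group lock was dropped after the scan; never allocate from a stale ac_b_ex. */`. The `goto out` path skips both `mb_find_extent()` and `ext4_mb_use_best_found()` and then shares the unlock/unload exit with the normal path. The function's return statement and its callers are outside the hunk, so it is worth confirming in the backport target that a caller treats this skip like any other case where the best extent could not be used, presumably by checking the allocation status rather than the return value.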
@@ -65077,6 +65077,7 @@
 patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-the-edma_probe.patch
 patches.suse/USB-hub-check-for-alternate-port-before-enabling-A_A.patch
 patches.suse/ext4-fix-double-free-of-blocks-due-to-wrong-extents-.patch
+ patches.suse/ext4-avoid-allocating-blocks-from-corrupted-group-in.patch
 patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch
 patches.suse/net-openvswitch-limit-the-number-of-recursions-from-.patch
 patches.suse/tls-fix-race-between-tx-work-scheduling-and-socket-c.patch