diff --git a/glibc-RHEL-34265.patch b/glibc-RHEL-34265.patch
new file mode 100644
index 0000000..f390d0c
--- /dev/null
+++ b/glibc-RHEL-34265.patch
@@ -0,0 +1,31 @@
+commit 87801a8fd06db1d654eea3e4f7626ff476a9bdaa
+Author: Florian Weimer
+Date: Thu Apr 25 15:00:45 2024 +0200
+
+ CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
+
+ Using alloca matches what other caches do. The request length is
+ bounded by MAXKEYLEN.
+
+ Reviewed-by: Carlos O'Donell
+
+diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
+index 0c6e46f15c..f227dc7fa2 100644
+--- a/nscd/netgroupcache.c
++++ b/nscd/netgroupcache.c
+@@ -502,12 +502,13 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req,
+ = (struct indataset *) mempool_alloc (db,
+ sizeof (*dataset) + req->key_len,
+ 1);
+- struct indataset dataset_mem;
+ bool cacheable = true;
+ if (__glibc_unlikely (dataset == NULL))
+ {
+ cacheable = false;
+- dataset = &dataset_mem;
++ /* The alloca is safe because nscd_run_worker verfies that
++ key_len is not larger than MAXKEYLEN. */
++ dataset = alloca (sizeof (*dataset) + req->key_len);
+ }
+
+ datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len,
diff --git a/glibc.spec b/glibc.spec
index 0a053eb..222c431 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -155,7 +155,7 @@ end \ Summary: The GNU libc libraries Name: glibc Version: %{glibcversion} -Release: 110%{?dist} +Release: 111%{?dist} # In general, GPLv2+ is used by programs, LGPLv2+ is used for # libraries.
@@ -827,6 +827,7 @@ Patch590: glibc-RHEL-22165-4.patch Patch591: glibc-RHEL-22165-5.patch Patch592: glibc-RHEL-31805.patch Patch593: glibc-RHEL-25063.patch +Patch594: glibc-RHEL-34265.patch ############################################################################## # Continued list of core "glibc" package information:
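Review bot: In the nscd/netgroupcache.c change carried by glibc-RHEL-34265.patch, the size passed to `alloca (sizeof (*dataset) + req->key_len)` is bounded only by a check in a different function (the added comment names nscd_run_worker), so nothing inside addinnetgrX keeps the stack allocation small if a later caller reaches it with an unchecked length. A local guard just before the alloca, for example `assert (req->key_len <= MAXKEYLEN);`, would state that invariant where it is relied on; this assumes asserts are compiled in for nscd, and since the commit message says the other caches use the same pattern it may be better raised upstream than added as a downstream divergence. The added comment also misspells `verifies` as `verfies`. addinnetgrX begins and ends outside the hunk, so how the stack-backed dataset is used after `cacheable = false` cannot be confirmed from these lines.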
@@ -2985,6 +2986,9 @@ update_gconv_modules_cache () %endif %changelog +* Mon Jun 10 2024 Patsy Griffin - 2.34-111 +- CVE-2024-33599: nscd: buffer overflow in netgroup cache (RHEL-34265) + * Mon Jun 10 2024 Arjun Shankar - 2.34-110 - Add new test for malloc mmap fall-back path upon sbrk failure (RHEL-25063)