diff --git a/0001-core-Fix-Coverity-WRAPPER_ESCAPE.patch b/0001-core-Fix-Coverity-WRAPPER_ESCAPE.patch
new file mode 100644
index 0000000..79b8567
--- /dev/null
+++ b/0001-core-Fix-Coverity-WRAPPER_ESCAPE.patch
@@ -0,0 +1,33 @@
+From 96ddae1acba59cf5249dcfff1157e44b5ed69650 Mon Sep 17 00:00:00 2001
+From: Colin Walters <walters@verbum.org>
+Date: Thu, 15 Aug 2024 11:41:43 -0400
+Subject: [PATCH 1/1] core: Fix Coverity WRAPPER_ESCAPE
+
+This should fix:
+
+```
+32. rpm-ostree-2024.7/src/libpriv/rpmostree-core.cxx:1786:15: use_after_free: Using internal representation of destroyed object temporary of type "std::string".
+```
+
+Signed-off-by: Colin Walters <walters@verbum.org>
+---
+ src/libpriv/rpmostree-core.cxx | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/libpriv/rpmostree-core.cxx b/src/libpriv/rpmostree-core.cxx
+index a2de7262..615e2636 100644
+--- a/src/libpriv/rpmostree-core.cxx
++++ b/src/libpriv/rpmostree-core.cxx
+@@ -1782,7 +1782,8 @@ rpmostree_context_prepare (RpmOstreeContext *self, gboolean enable_filelists,
+           auto pkg = "";
+           for (auto &pkg_str : packages)
+             {
+-              pkg = std::string (pkg_str).c_str ();
++              auto pkg_buf = std::string (pkg_str);
++              pkg = pkg_buf.c_str ();
+               char *query = strchr ((char *)pkg, '/');
+               if (query)
+                 {
+-- 
+2.46.0
+
diff --git a/rpm-ostree.spec b/rpm-ostree.spec
index c8642cf..473e13c 100644
--- a/rpm-ostree.spec
+++ b/rpm-ostree.spec
@@ -11,6 +11,8 @@ URL: https://github.com/coreos/rpm-ostree
 # in the upstream git.  It also contains vendored Rust sources.
 Source0: https://github.com/coreos/rpm-ostree/releases/download/v%{version}/rpm-ostree-%{version}.tar.xz
 
+Patch0: 0001-core-Fix-Coverity-WRAPPER_ESCAPE.patch
+
 ExclusiveArch: %{rust_arches}
 
 # ostree not on i686 for RHEL 10