diff --git a/backport-0042-gettext-Integer-overflow-leads-to-heap-OOB-write.patch b/backport-0042-gettext-Integer-overflow-leads-to-heap-OOB-write.patch
new file mode 100644
index 0000000000000000000000000000000000000000..be00ae433e094b2121dea0cbeec74a14a448ab91
--- /dev/null
+++ b/backport-0042-gettext-Integer-overflow-leads-to-heap-OOB-write.patch
@@ -0,0 +1,56 @@
+From b970a5ed967816bbca8225994cd0ee2557bad515 Mon Sep 17 00:00:00 2001
+From: Lidong Chen
+Date: Fri, 22 Nov 2024 06:27:57 +0000
+Subject: [PATCH 42/73] gettext: Integer overflow leads to heap OOB write
+
+The size calculation of the translation buffer in
+grub_gettext_getstr_from_position() may overflow
+to 0 leading to heap OOB write. This patch fixes
+the issue by using grub_add() and checking for
+an overflow.
+
+Fixes: CVE-2024-45777
+
+Reported-by: Nils Langius
+Signed-off-by: Lidong Chen
+Reviewed-by: Daniel Kiper
+Reviewed-by: Alec Brown
+---
+ grub-core/gettext/gettext.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/gettext/gettext.c b/grub-core/gettext/gettext.c
+index 63bb1ab73..9ffc73428 100644
+--- a/grub-core/gettext/gettext.c
++++ b/grub-core/gettext/gettext.c
+@@ -26,6 +26,7 @@
+ #include
+ #include
+ #include
++#include
+
+ GRUB_MOD_LICENSE ("GPLv3+");
+
+@@ -99,6 +100,7 @@ grub_gettext_getstr_from_position (struct grub_gettext_context *ctx,
+ char *translation;
+ struct string_descriptor desc;
+ grub_err_t err;
++ grub_size_t alloc_sz;
+
+ internal_position = (off + position * sizeof (desc));
+
+@@ -109,7 +111,10 @@ grub_gettext_getstr_from_position (struct grub_gettext_context *ctx,
+ length = grub_cpu_to_le32 (desc.length);
+ offset = grub_cpu_to_le32 (desc.offset);
+
+- translation = grub_malloc (length + 1);
++ if (grub_add (length, 1, &alloc_sz))
++ return NULL;
++
++ translation = grub_malloc (alloc_sz);
+ if (!translation)
+ return NULL;
+
+--
+2.33.0
+
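Review bot: The guard `if (grub_add (length, 1, &alloc_sz)) return NULL;` on the new side of the embedded hunk returns without recording an error, while the `grub_malloc` failure it sits next to presumably does (GRUB's allocator sets `grub_errno` on out-of-memory), so a caller that inspects `grub_errno` after a NULL result would see a corrupt `.mo` descriptor as a silent miss rather than a reported fault; whether any caller does so is not visible in this hunk. A `grub_error (...)` call before the return, or at least a comment such as `/* length comes from the .mo file; reject descriptors whose size would wrap */`, would make the rejection traceable when a translation file is malformed. If `length` is the 32-bit value that the `grub_cpu_to_le32 (desc.length)` assignment suggests, the wrap to 0 described in the commit message is reachable only where `grub_size_t` is also 32 bits, which the spec changelog could state for the affected targets. `grub_gettext_getstr_from_position` begins before and continues after the embedded hunk, so the copy that later consumes `length` into the new buffer is not in view here.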
diff --git a/grub.patches b/grub.patches
index 2806751dbaeb53baeeebef566cf7b2a7343b68df..fbbb4fb718f2793f2e65a97253eec8e046682ab1 100644
--- a/grub.patches
+++ b/grub.patches
@@ -214,3 +214,4 @@ Patch1012: 1012-Clear-buffer-to-zero-for-screen-information.patch
 Patch1014: 1014-loongarch-Disable-vector-instructions.patch
 Patch1015: 1015-misc-Implement-grub_strlcpy.patch
 Patch1016: 1016-CVE-2025-0624-net-Fix-OOB-write-in-grub_net_search_config_file.patch
+Patch1017: backport-0042-gettext-Integer-overflow-leads-to-heap-OOB-write.patch
diff --git a/grub2.spec b/grub2.spec
index a6ff615238088d402b6fd598cbc3ec047b732169..f6ddbb9c5d09226c853b50789ea1a11a6d8791a4 100644
--- a/grub2.spec
+++ b/grub2.spec
@@ -1,4 +1,4 @@
-%define anolis_release 14
+%define anolis_release 15
 %global _lto_cflags %{nil}
 %undefine _hardened_build
@@ -506,6 +506,9 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
 %endif
 %changelog
+* Tue Aug 05 2025 tomcruiseqi - 1:2.12-15
+- Fix CVE-2024-45777
+
 * Tue Jul 29 2025 zjl002254423 -2.12-14
 - Fix CVE-2025-0624
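Review bot: The new entry `Patch1017: backport-0042-gettext-Integer-overflow-leads-to-heap-OOB-write.patch` breaks the naming convention of its neighbours, which carry the package's own patch number and the CVE id in the file name (`1016-CVE-2025-0624-net-Fix-OOB-write-in-grub_net_search_config_file.patch`); the `0042` is the upstream series position and says nothing about this package's order. Adding the file as `1017-CVE-2024-45777-gettext-Integer-overflow-leads-to-heap-OOB-write.patch` and listing it under that name keeps the patch list greppable by CVE, which is how the entries around it are found during a security audit. As written, the CVE id for this fix appears only in the spec changelog, not in the patch list.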