diff --git a/backport-CVE-2024-11407.patch b/backport-CVE-2024-11407.patch
new file mode 100644
index 0000000000000000000000000000000000000000..8c45b116842eae0636f80df0b8d0ad7f3ad1d003
--- /dev/null
+++ b/backport-CVE-2024-11407.patch
@@ -0,0 +1,28 @@
+From e9046b2bbebc0cb7f5dc42008f807f6c7e98e791 Mon Sep 17 00:00:00 2001
+From: Vignesh Babu <vigneshbabu@google.com>
+Date: Thu, 12 Sep 2024 11:13:45 -0700
+Subject: [PATCH] [EventEngine] Fix bug in Tx0cp code path in posix endpoint.
+
+This fix ensures that the iov_base pointers point to the right address.
+
+PiperOrigin-RevId: 673923651
+
+Conflict: NA
+Reference: https://github.com/grpc/grpc/commit/e9046b2bbebc0cb7f5dc42008f807f6c7e98e791
+---
+ src/core/lib/event_engine/posix_engine/posix_endpoint.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/lib/event_engine/posix_engine/posix_endpoint.cc b/src/core/lib/event_engine/posix_engine/posix_endpoint.cc
+index 7634bb1334b81..c5708db02c57a 100644
+--- a/src/core/lib/event_engine/posix_engine/posix_endpoint.cc
++++ b/src/core/lib/event_engine/posix_engine/posix_endpoint.cc
+@@ -236,7 +236,7 @@ msg_iovlen_type TcpZerocopySendRecord::PopulateIovs(size_t* unwind_slice_idx,
+        iov_size++) {
+     MutableSlice& slice = internal::SliceCast<MutableSlice>(
+         buf_.MutableSliceAt(out_offset_.slice_idx));
+-    iov[iov_size].iov_base = slice.begin();
++    iov[iov_size].iov_base = slice.begin() + out_offset_.byte_idx;
+     iov[iov_size].iov_len = slice.length() - out_offset_.byte_idx;
+     *sending_length += iov[iov_size].iov_len;
+     ++(out_offset_.slice_idx);
diff --git a/grpc.spec b/grpc.spec
index a0ef7767fa37607db63238074affda2a5f64f9c3..da5cd76d786996287153185a5f8cb4ab1a1ead08 100644
--- a/grpc.spec
+++ b/grpc.spec
@@ -4,7 +4,7 @@
 
 Name:          grpc
 Version:       1.60.0
-Release:       4
+Release:       5
 Summary:       A modern, open source high performance RPC framework that can run in any environment
 License:       ASL 2.0
 URL:           https://www.grpc.io
@@ -16,6 +16,7 @@ Patch0009:     remove-cert-expired-on-20230930.patch
 Patch0010:     backport-Specify-noexcept-for-cdef-functions.patch
 Patch0011:     remove-cert-expired-at-20250512.patch
 Patch0012:     backport-CVE-2024-7246-chttp2-Fix-a-bug-in-hpack-error-handling.patch
+Patch0013:     backport-CVE-2024-11407.patch
 
 BuildRequires: gcc-c++ pkgconfig protobuf-devel protobuf-compiler protobuf-lite-devel
 BuildRequires: openssl-devel c-ares-devel gtest-devel zlib-devel gperftools-devel
@@ -158,6 +159,12 @@ cd ../..
 %{python3_sitearch}/grpcio-%{version}-py*
 
 %changelog
+* Tue Dec 03 2024 xinghe <xinghe2@h-partners.com> - 1.60.0-5
+- Type:CVE
+- CVE:CVE-2024-11407
+- SUG:NA
+- DESC:fix CVE-2024-11407
+
 * Wed Aug 14 2024 zhouyihang <zhouyihang3@h-partners.com> - 1.60.0-4
 - Type:CVE
 - CVE:CVE-2024-7246