diff --git a/backport-Fix-a-memory-leak-in-glob_for_cachedir.patch b/backport-Fix-a-memory-leak-in-glob_for_cachedir.patch
new file mode 100644
index 0000000000000000000000000000000000000000..4366f8e0c698eb41782a2091f0c6b1f8d7f1276e
--- /dev/null
+++ b/backport-Fix-a-memory-leak-in-glob_for_cachedir.patch
@@ -0,0 +1,53 @@
+From b245193e881912cf730b53ece74c410ef573e292 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?=
+Date: Wed, 17 Jul 2024 09:30:59 +0200
+Subject: [PATCH 1/1] Fix a memory leak in glob_for_cachedir()
+
+Covscan complains:
+
+ Error: RESOURCE_LEAK (CWE-772): [#def1] [important]
+ libdnf-0.73.1/libdnf/hy-iutil.cpp:100:5: alloc_arg: "wordexp" allocates memory that is stored into "word_vector.we_wordv".
+ libdnf-0.73.1/libdnf/hy-iutil.cpp:102:9: leaked_storage: Variable "word_vector" going out of scope leaks the storage "word_vector.we_wordv" points to.
+ # 100| if (wordexp(p, &word_vector, 0)) {
+ # 101| g_free(p);
+ # 102|-> return ret;
+ # 103| }
+ # 104| for (guint i = 0; i < word_vector.we_wordc; ++i) {
+
+The issue is that Covscan model thinks that word_vector should be
+freed after failing wordexp(). glibc's manual does not explain whether
+it is or isn't necessary. However, POSIX manual mentions that the
+memory is valid on WRDE_NOSPACE (not enough memory) error. Reading
+glibc sources confirms that wordexp() on any error except of
+WRDE_NOSPACE cleans up and returns original, intact word_vector.
+
+Therefore I recognize the missing wordfree() call as an error and
+this patch fixed it.
+---
+ libdnf/hy-iutil.cpp | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libdnf/hy-iutil.cpp b/libdnf/hy-iutil.cpp
+index 43314c60..4848c9f7 100644
+--- a/libdnf/hy-iutil.cpp
++++ b/libdnf/hy-iutil.cpp
+@@ -89,7 +89,7 @@ glob_for_cachedir(char *path)
+ if (!g_str_has_suffix(path, "XXXXXX"))
+ return ret;
+
+- wordexp_t word_vector;
++ wordexp_t word_vector = {0};
+ char *p = g_strdup(path);
+ const int len = strlen(p);
+ struct stat s;
+@@ -98,6 +98,7 @@ glob_for_cachedir(char *path)
+ p[len-6] = '*';
+ p[len-5] = '\0';
+ if (wordexp(p, &word_vector, 0)) {
++ wordfree(&word_vector);
+ g_free(p);
+ return ret;
+ }
+--
+2.25.1
+
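Review bot: The `wordexp(p, &word_vector, 0)` call kept as context in the second inner hunk passes no flags, so the cache-directory pattern goes through full shell-style word expansion, command substitution included, when only the trailing `*` needs to be matched. Whether `path` can ever carry externally influenced characters is not visible from these hunks, but the backport is a good moment to narrow the call to `if (wordexp(p, &word_vector, WRDE_NOCMD)) {`, or to move to glob(), which does pattern matching only. With that flag a rejected substitution comes back as an error return, which lands in the same branch that now calls `wordfree()` on the zero-initialised `word_vector`. glob_for_cachedir() starts and ends outside the hunks shown, so the loop that consumes `we_wordv` could not be checked here.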
diff --git a/libdnf.spec b/libdnf.spec index 88df41bdaa33204d119730ab0ccf29581becdadc..ffb520d7bccd1128cf52acb75844eca6f70e246a 100644 --- a/libdnf.spec +++ b/libdnf.spec @@ -20,7 +20,7 @@ Name: libdnf Version: 0.48.0 -Release: 7 +Release: 8 Summary: Library providing simplified C and Python API to libsolv License: LGPLv2+ URL: https://github.com/rpm-software-management/libdnf @@ -40,6 +40,7 @@ Patch4: add-sw_64-support-for-libdnf.patch Patch6001: backport-Fix-countme-bucket-calculation.patch Patch6002: backport-Fix-up-some-comments-in-addCountmeFlag.patch Patch6003: backport-subject-py-Fix-memory-leak.patch +Patch6004: backport-Fix-a-memory-leak-in-glob_for_cachedir.patch BuildRequires: cmake gcc gcc-c++ libsolv-devel >= %{libsolv_version} gettext BuildRequires: pkgconfig(librepo) >= %{librepo_version} pkgconfig(check) @@ -220,6 +221,9 @@ popd %endif %changelog +* Mon Jul 29 2024 Wenhua Huang - 0.48.0-8 +- Fix a memory leak in glob_for_cachedir() + * Tue Jul 23 2024 LuWu <2398491106@qq.com> - 0.48.0-7 - Fix memory leak detected in get_best_solution() method