diff --git a/.dpdk.metadata b/.dpdk.metadata
index 966b040..e90d850 100644
--- a/.dpdk.metadata
+++ b/.dpdk.metadata
@@ -1,2 +1,2 @@
-17331a86759beba4b6635ed530ce23b0b73c0744 SOURCES/dpdk-21.11.tar.xz
+d36c9e0949cb80d890273365f0d2b627d7f6f21b SOURCES/dpdk-21.11.2.tar.xz
 3cc45b133677fbff08e89e65a2120be52ebb27a5 SOURCES/pyelftools-0.27.tar.gz
diff --git a/.gitignore b/.gitignore
index 18b4ccd..dbe2f1d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/dpdk-21.11.tar.xz
+SOURCES/dpdk-21.11.2.tar.xz
 SOURCES/pyelftools-0.27.tar.gz
diff --git a/SOURCES/0001-vhost-fix-virtqueue-use-after-free-on-NUMA-reallocat.patch b/SOURCES/0001-vhost-fix-virtqueue-use-after-free-on-NUMA-reallocat.patch
new file mode 100644
index 0000000..cb52a30
--- /dev/null
+++ b/SOURCES/0001-vhost-fix-virtqueue-use-after-free-on-NUMA-reallocat.patch
@@ -0,0 +1,34 @@
+From 8010a15523e896ca2f2436432602210cab793f87 Mon Sep 17 00:00:00 2001
+From: David Marchand <david.marchand@redhat.com>
+Date: Mon, 25 Jul 2022 22:32:03 +0200
+Subject: [PATCH] vhost: fix virtqueue use after free on NUMA reallocation
+
+[ upstream commit 0b2a2ca35037d6a5168f0832c11d9858b8ae946a ]
+
+translate_ring_addresses (via numa_realloc) may change a virtio device and
+virtio queue.
+The virtqueue object must be refreshed before accessing the lock.
+
+Fixes: 04c27cb673b9 ("vhost: fix unsafe vring addresses modifications")
+
+Signed-off-by: David Marchand <david.marchand@redhat.com>
+Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
+---
+ lib/vhost/vhost_user.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
+index df780fd7d6..2b45e35d4a 100644
+--- a/lib/vhost/vhost_user.c
++++ b/lib/vhost/vhost_user.c
+@@ -2575,6 +2575,7 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
+ 			if (is_vring_iotlb(dev, vq, imsg)) {
+ 				rte_spinlock_lock(&vq->access_lock);
+ 				*pdev = dev = translate_ring_addresses(dev, i);
++				vq = dev->virtqueue[i];
+ 				rte_spinlock_unlock(&vq->access_lock);
+ 			}
+ 		}
+-- 
+2.37.3
+
diff --git a/SPECS/dpdk.spec b/SPECS/dpdk.spec
index fb12fbc..b2dbe55 100644
--- a/SPECS/dpdk.spec
+++ b/SPECS/dpdk.spec
@@ -8,10 +8,10 @@
 #% define date 20191128
 #% define shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
-%define ver 21.11
+%define ver 21.11.2
 %define rel 1
 
-%define srcname dpdk
+%define srcname dpdk%(awk -F. '{ if (NF > 2) print "-stable" }' <<<%{version})
 
 %define pyelftoolsver 0.27
 
@@ -31,8 +31,7 @@ Source: http://fast.dpdk.org/rel/dpdk-%{ver}.tar.xz
 # Only needed for creating snapshot tarballs, not used in build itself
 Source100: dpdk-snapshot.sh
 
-# Patches only in dpdk package
-
+Patch1: 0001-vhost-fix-virtqueue-use-after-free-on-NUMA-reallocat.patch
 
 Summary: Set of libraries and drivers for fast packet processing
 
@@ -274,6 +273,14 @@ rm -rf %{docdir}/html/.doctrees
 %endif
 
 %changelog
+* Mon Sep 12 2022 Timothy Redaelli <tredaelli@redhat.com> - 21.11.2-1
+- Rebase to 21.11.2 (#2126159)
+- Includes fixes for CVE-2022-2132 (#2107173) and CVE-2022-28199 (#2123616)
+
+* Wed Jul 13 2022 Timothy Redaelli <tredaelli@redhat.com> - 21.11.1-1
+- Rebase to 21.11.1 (#2106856)
+- Includes fix for CVE-2021-3839 (#2026642)
+
 * Tue Nov 23 2021 David Marchand <david.marchand@redhat.com> - 21.11-1
 - Rebase to 21.11 (#2030616)