diff --git a/0001-patch-8.2.4327-may-end-up-with-no-current-buffer.patch b/0001-patch-8.2.4327-may-end-up-with-no-current-buffer.patch
new file mode 100644
index 0000000..8c2cf3a
--- /dev/null
+++ b/0001-patch-8.2.4327-may-end-up-with-no-current-buffer.patch
@@ -0,0 +1,110 @@
+From e3537aec2f8d6470010547af28dcbd83d41461b8 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar
+Date: Tue, 8 Feb 2022 15:05:20 +0000
+Subject: [PATCH] patch 8.2.4327: may end up with no current buffer
+
+Problem: May end up with no current buffer.
+Solution: When deleting the current buffer to not pick a quickfix buffer as
+ the new current buffer.
+---
+ src/buffer.c | 26 ++++++++++++++++++++++----
+ src/testdir/test_quickfix.vim | 25 +++++++++++++++++++++++++
+ src/version.c | 2 ++
+ 3 files changed, 49 insertions(+), 4 deletions(-)
+
+diff --git a/src/buffer.c b/src/buffer.c
+index 81bdb31ca..b3e2bc3f9 100644
+--- a/src/buffer.c
++++ b/src/buffer.c
+@@ -1430,8 +1430,14 @@ do_buffer_ext(
+ buf = buflist_findnr(curwin->w_jumplist[jumpidx].fmark.fnum);
+ if (buf != NULL)
+ {
+- if (buf == curbuf || !buf->b_p_bl)
+- buf = NULL; // skip current and unlisted bufs
++ // Skip current and unlisted bufs. Also skip a quickfix
++ // buffer, it might be deleted soon.
++ if (buf == curbuf || !buf->b_p_bl
++#if defined(FEAT_QUICKFIX)
++ || bt_quickfix(buf)
++#endif
++ )
++ buf = NULL;
+ else if (buf->b_ml.ml_mfp == NULL)
+ {
+ // skip unloaded buf, but may keep it for later
+@@ -1467,7 +1473,11 @@ do_buffer_ext(
+ continue;
+ }
+ // in non-help buffer, try to skip help buffers, and vv
+- if (buf->b_help == curbuf->b_help && buf->b_p_bl)
++ if (buf->b_help == curbuf->b_help && buf->b_p_bl
++#if defined(FEAT_QUICKFIX)
++ && !bt_quickfix(buf)
++#endif
++ )
+ {
+ if (buf->b_ml.ml_mfp != NULL) // found loaded buffer
+ break;
+@@ -1485,7 +1495,11 @@ do_buffer_ext(
+ if (buf == NULL) // No loaded buffer, find listed one
+ {
+ FOR_ALL_BUFFERS(buf)
+- if (buf->b_p_bl && buf != curbuf)
++ if (buf->b_p_bl && buf != curbuf
++#if defined(FEAT_QUICKFIX)
++ && !bt_quickfix(buf)
++#endif
++ )
+ break;
+ }
+ if (buf == NULL) // Still no buffer, just take one
+@@ -1494,6 +1508,10 @@ do_buffer_ext(
+ buf = curbuf->b_next;
+ else
+ buf = curbuf->b_prev;
++#if defined(FEAT_QUICKFIX)
++ if (bt_quickfix(buf))
++ buf = NULL;
++#endif
+ }
+ }
+ 
+diff --git a/src/testdir/test_quickfix.vim b/src/testdir/test_quickfix.vim
+index 07fdb9644..adb0ea4fd 100644
+--- a/src/testdir/test_quickfix.vim
++++ b/src/testdir/test_quickfix.vim
+@@ -5851,5 +5851,30 @@ func Test_lopen_bwipe()
+ delfunc R
+ endfunc
+ 
++" Another sequence of commands that caused all buffers to be wiped out
++func Test_lopen_bwipe_all()
++ let lines =<< trim END
++ func R()
++ silent! tab lopen
++ e foo
++ silent! lfile
++ endfunc
++ cal R()
++ exe "norm \\0"
++ cal R()
++ bwipe
++
++ call writefile(['done'], 'Xresult')
++ qall!
++ END
++ call writefile(lines, 'Xscript')
++ if RunVim([], [], '-u NONE -n -X -Z -e -m -s -S Xscript')
++ call assert_equal(['done'], readfile('Xresult'))
++ endif
++
++ call delete('Xscript')
++ call delete('Xresult')
++endfunc
++
+ 
+ " vim: shiftwidth=2 sts=2 expandtab
+--
+2.35.1
+
diff --git a/vim.spec b/vim.spec
index aab134b..24c1031 100644
--- a/vim.spec
+++ b/vim.spec
@@ -27,7 +27,7 @@ Summary: The VIM editor
 URL: http://www.vim.org/
 Name: vim
 Version: %{baseversion}.%{patchlevel}
-Release: 15%{?dist}
+Release: 16%{?dist}
 License: Vim and MIT
 Source0: ftp://ftp.vim.org/pub/vim/unix/vim-%{baseversion}-%{patchlevel}.tar.bz2
 Source1: virc
@@ -116,6 +116,7 @@ Patch3041: 0001-patch-8.2.4359-crash-when-repeatedly-using-retab.patch
 Patch3042: 0001-patch-8.2.4397-crash-when-using-many-composing-chara.patch
 # CVE-2022-0714 vim: buffer overflow [rhel-9]
 Patch3043: 0001-patch-8.2.4436-crash-with-weird-vartabstop-value.patch
+Patch3044: 0001-patch-8.2.4327-may-end-up-with-no-current-buffer.patch
 
 # gcc is no longer in buildroot by default
 BuildRequires: gcc
@@ -346,6 +347,7 @@ perl -pi -e "s,bin/nawk,bin/awk,g" runtime/tools/mve.awk
 %patch3041 -p1 -b .cve0572
 %patch3042 -p1 -b .cve0629
 %patch3043 -p1 -b .cve0714
+%patch3044 -p1 -b .cve0554
 
 %build
 cd src
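Review bot: In the last src/buffer.c hunk of the added patch, `bt_quickfix(buf)` is called on whatever the `curbuf->b_next` / `curbuf->b_prev` fallback produced, and `buf` can then be reset to NULL. The condition that chooses between the two neighbours and the code that consumes `buf` afterwards are both outside the hunk. Since this is a backport onto the packaged 8.2.2637 tree, it is worth confirming there that `bt_quickfix()` tolerates a NULL argument and that a `buf == NULL` check still follows this block before `buf` is dereferenced. A comment such as `// buf may be NULL again here; the check after this block must handle it` would make that dependency explicit.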
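Review bot: The new `Patch3044:` line has no CVE comment above it, unlike `Patch3043`, which is preceded by `# CVE-2022-0714 vim: buffer overflow [rhel-9]`. The changelog entry and the `.cve0554` backup suffix tie this patch to CVE-2022-0554, so adding `# CVE-2022-0554 vim: Use of Out-of-range Pointer Offset` directly before `Patch3044:` would keep the patch-to-CVE mapping auditable from the spec alone. As placed, the existing CVE-2022-0714 comment reads as if it covered both patches.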
@@ -903,6 +905,9 @@ touch %{buildroot}/%{_datadir}/%{name}/vimfiles/doc/tags
 %endif
 
 %changelog
+* Mon Mar 28 2022 Zdenek Dohnal - 2:8.2.2637-16
+- CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior
+
 * Thu Feb 24 2022 Zdenek Dohnal - 2:8.2.2637-15
 - CVE-2022-0714 vim: buffer overflow [rhel-9]