diff --git a/0001-patch-8.2.4154-ml_get-error-when-exchanging-windows-.patch b/0001-patch-8.2.4154-ml_get-error-when-exchanging-windows-.patch
new file mode 100644
index 0000000..29e751a
--- /dev/null
+++ b/0001-patch-8.2.4154-ml_get-error-when-exchanging-windows-.patch
@@ -0,0 +1,43 @@
+diff -up vim82/src/testdir/test_visual.vim.cve0319 vim82/src/testdir/test_visual.vim
+--- vim82/src/testdir/test_visual.vim.cve0319 2022-02-08 13:24:54.170813231 +0100
++++ vim82/src/testdir/test_visual.vim 2022-02-08 13:26:21.313747976 +0100
+@@ -985,4 +985,15 @@ func Test_visual_block_insert_round_off(
+ bwipe!
+ endfunc
+
++" this was causing an ml_get error
++func Test_visual_exchange_windows()
++ enew!
++ new
++ call setline(1, ['foo', 'bar'])
++ exe "normal G\gg\\OO\"
++ bwipe!
++ bwipe!
++endfunc
++
++
+ " vim: shiftwidth=2 sts=2 expandtab
+diff -up vim82/src/window.c.cve0319 vim82/src/window.c
+--- vim82/src/window.c.cve0319 2022-02-08 13:24:54.137813879 +0100
++++ vim82/src/window.c 2022-02-08 13:24:54.171813211 +0100
+@@ -1697,6 +1697,11 @@ win_exchange(long Prenum)
+
+ (void)win_comp_pos(); // recompute window positions
+
++ if (wp->w_buffer != curbuf)
++ reset_VIsual_and_resel();
++ else if (VIsual_active)
++ wp->w_cursor = curwin->w_cursor;
++
+ win_enter(wp, TRUE);
+ redraw_all_later(NOT_VALID);
+ }
+@@ -5261,7 +5266,7 @@ frame_remove(frame_T *frp)
+ win_alloc_lines(win_T *wp)
+ {
+ wp->w_lines_valid = 0;
+- wp->w_lines = ALLOC_CLEAR_MULT(wline_T, Rows );
++ wp->w_lines = ALLOC_CLEAR_MULT(wline_T, Rows);
+ if (wp->w_lines == NULL)
+ return FAIL;
+ return OK;
diff --git a/vim.spec b/vim.spec
index f12f988..8e826ba 100644
--- a/vim.spec
+++ b/vim.spec
@@ -27,7 +27,7 @@ Summary: The VIM editor
 URL: http://www.vim.org/
 Name: vim
 Version: %{baseversion}.%{patchlevel}
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: Vim and MIT
 Source0: ftp://ftp.vim.org/pub/vim/unix/vim-%{baseversion}-%{patchlevel}.tar.bz2
 Source1: virc
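Review bot: The check added to `win_exchange()` in the new window.c patch carries no comment explaining why Visual state is dropped, and the accompanying test seems to reach only one of its two branches. Above `if (wp->w_buffer != curbuf)` I would add `// Visual positions refer to curbuf and may not exist in wp's buffer`, which is presumably the stale position behind the ml_get error and the out-of-bounds read tracked as CVE-2022-0319. `Test_visual_exchange_windows()` opens its second window with `new`, so the two windows show different buffers and the `else if (VIsual_active)` cursor copy is not exercised; a second case that uses `split` would cover it. The body of `win_exchange()` starts before the hunk, and since this file is a backport of upstream patch 8.2.4154, such additions are better raised upstream than carried as a local delta.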
@@ -94,6 +94,8 @@ Patch3030: 0001-patch-8.2.4120-block-insert-goes-over-the-end-of-the.patch
 Patch3031: 0001-patch-8.2.4151-reading-beyond-the-end-of-a-line.patch
 # CVE-2022-0359 vim: heap-based buffer overflow in init_ccline() in ex_getln.c
 Patch3032: 0001-patch-8.2.4214-illegal-memory-access-with-large-tabs.patch
+# CVE-2022-0319 vim: heap-based out-of-bounds read
+Patch3033: 0001-patch-8.2.4154-ml_get-error-when-exchanging-windows-.patch
 # gcc is no longer in buildroot by default
 BuildRequires: gcc
@@ -313,6 +315,7 @@ perl -pi -e "s,bin/nawk,bin/awk,g" runtime/tools/mve.awk
 %patch3030 -p1 -b .cve0261
 %patch3031 -p1 -b .cve0318
 %patch3032 -p1 -b .cve0359
+%patch3033 -p1 -b .cve0319
 %build
 cd src
@@ -870,6 +873,9 @@ touch %{buildroot}/%{_datadir}/%{name}/vimfiles/doc/tags
 %endif
 %changelog
+* Tue Feb 08 2022 Zdenek Dohnal - 2:8.2.2637-12
+- CVE-2022-0319 vim: heap-based out-of-bounds read
+
 * Thu Jan 27 2022 Zdenek Dohnal - 2:8.2.2637-11
 - CVE-2022-0261 vim: Heap-based Buffer Overflow in block_insert() in src/ops.c
 - CVE-2022-0318 vim: heap-based buffer overflow in utf_head_off() in mbyte.c