diff --git a/SOURCES/0001-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch b/SOURCES/0001-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch
new file mode 100644
index 0000000..76018f9
--- /dev/null
+++ b/SOURCES/0001-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch
@@ -0,0 +1,35 @@
+diff -up vim80/src/screen.c.cve3872 vim80/src/screen.c
+--- vim80/src/screen.c.cve3872	2021-10-21 13:20:27.694921335 +0200
++++ vim80/src/screen.c	2021-10-21 13:22:42.221732996 +0200
+@@ -6911,13 +6911,13 @@ win_redr_status(win_T *wp)
+ 	    *(p + len++) = ' ';
+ 	if (bt_help(wp->w_buffer))
+ 	{
+-	    STRCPY(p + len, _("[Help]"));
++	    vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[Help]"));
+ 	    len += (int)STRLEN(p + len);
+ 	}
+ #ifdef FEAT_QUICKFIX
+ 	if (wp->w_p_pvw)
+ 	{
+-	    STRCPY(p + len, _("[Preview]"));
++	    vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[Preview]"));
+ 	    len += (int)STRLEN(p + len);
+ 	}
+ #endif
+@@ -6927,12 +6927,12 @@ win_redr_status(win_T *wp)
+ #endif
+ 		)
+ 	{
+-	    STRCPY(p + len, "[+]");
+-	    len += 3;
++	    vim_snprintf((char *)p + len, MAXPATHL - len, "%s", "[+]");
++	    len += (int)STRLEN(p + len);
+ 	}
+ 	if (wp->w_buffer->b_p_ro)
+ 	{
+-	    STRCPY(p + len, _("[RO]"));
++	    vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[RO]"));
+ 	    len += (int)STRLEN(p + len);
+ 	}
+ 
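Review bot: The unchanged context line `*(p + len++) = ' ';` at the top of the first inner hunk still writes a byte and advances `len` with no bound visible here, so the new size argument `MAXPATHL - len` can reach zero when the name already fills the buffer. It could also go negative and convert to a very large size if `len` ever exceeds `MAXPATHL`. With a zero size `vim_snprintf` has no room to place a terminator, and the following `len += (int)STRLEN(p + len);` would then start reading at or past the end of the buffer, assuming `p` points at a `MAXPATHL`-sized buffer as the size argument implies. The condition guarding the space append lies outside the hunk; if it does not already bound `len`, it should gain `&& len < MAXPATHL - 1`, which is worth comparing against the upstream 8.2.3487 change this file is named after. The same pattern repeats for `[Preview]`, `[+]` and `[RO]`, and the spec changelog says the upstream test was dropped, so nothing in this package exercises the long-name case.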
diff --git a/SPECS/vim.spec b/SPECS/vim.spec
index 159811d..0874876 100644
--- a/SPECS/vim.spec
+++ b/SPECS/vim.spec
@@ -24,7 +24,7 @@ Summary: The VIM editor
 URL:     http://www.vim.org/
 Name: vim
 Version: %{baseversion}.%{patchlevel}
-Release: 16%{?dist}
+Release: 16%{?dist}.2
 License: Vim and MIT
 Source0: ftp://ftp.vim.org/pub/vim/unix/vim-%{baseversion}-%{patchlevel}.tar.bz2
 Source1: vim.sh
@@ -79,6 +79,7 @@ Patch3021: 0001-patch-8.1.0881-can-execute-shell-commands-in-rvim-th.patch
 Patch3022: vim-cve3796.patch
 # 2004891 - CVE-2021-3778 vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c [rhel-8.5.0]
 Patch3023: vim-cve3778-fix.patch
+Patch3024: 0001-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch
 
 # gcc is no longer in buildroot by default
 BuildRequires: gcc
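Review bot: `Patch3024` is added without the comment line that the entry just above it carries (`# 2004891 - CVE-2021-3778 ...`), so the patch list does not say which issue this patch addresses. Adding `# CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status()` above it would match the changelog entry and keep the list auditable. The patch modifies `src/screen.c` in this tree while the changelog line names `drawscreen.c`, so the comment is also a good place to record the file actually patched.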
@@ -279,6 +280,7 @@ perl -pi -e "s,bin/nawk,bin/awk,g" runtime/tools/mve.awk
 %patch3021 -p1 -b .rvim
 %patch3022 -p1 -b .cve3796
 %patch3023 -p1 -b .cve3778
+%patch3024 -p1 -b .cve3872
 
 %build
 %if 0%{?rhel} > 7
@@ -797,6 +799,12 @@ touch %{buildroot}/%{_datadir}/%{name}/vimfiles/doc/tags
 %{_datadir}/icons/locolor/*/apps/*
 
 %changelog
+* Tue Oct 26 2021 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.0.1763-16.2
+- remove the upstream test - uses a feature which is not presented in RHEL 8
+
+* Tue Oct 26 2021 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.0.1763-16.1
+- CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0]
+
 * Mon Sep 20 2021 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.0.1763-16
 - 2004974 - CVE-2021-3796 vim: use-after-free in nv_replace() in normal.c [rhel-8.5.0]
 - 2004891 - CVE-2021-3778 vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c [rhel-8.5.0]