diff --git a/backport-CVE-2022-0336.patch b/backport-CVE-2022-0336.patch
new file mode 100644
index 0000000000000000000000000000000000000000..1602565b2678194c9483300ea6980217dee7b7e1
--- /dev/null
+++ b/backport-CVE-2022-0336.patch
@@ -0,0 +1,36 @@
+From 2802b7d8f3f77a639d0d69bced528f328655750b Mon Sep 17 00:00:00 2001
+From: Joseph Sutton <josephsutton@catalyst.net.nz>
+Date: Tue, 18 Jan 2022 12:02:45 +1300
+Subject: [PATCH 2/7] CVE-2022-0336: s4/dsdb/samldb: Don't return early when an
+ SPN is re-added to an object
+
+If an added SPN already exists on an object, we still want to check the
+rest of the element values for conflicts.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14950
+
+Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
+Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+---
+ source4/dsdb/samdb/ldb_modules/samldb.c | 3 +--
+ 1 files changed, 1 insertion(+), 2 deletions(-)
+
+@@ -1,2 +1 @@
+ samba.tests.ldap_spn.+LdapSpnTest.test_spn_dodgy_spns
+-samba.tests.ldap_spn.+LdapSpnSambaOnlyTest.test_spn_add_a_conflict_along_with_a_re_added_SPN
+diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
+index f0227411ccd..a219446bba7 100644
+--- a/source4/dsdb/samdb/ldb_modules/samldb.c
++++ b/source4/dsdb/samdb/ldb_modules/samldb.c
+@@ -4001,8 +4001,7 @@ static int samldb_spn_uniqueness_check(struct samldb_ctx *ac,
+ 						 ac->msg->dn);
+ 		if (ret == LDB_ERR_COMPARE_TRUE) {
+ 			DBG_INFO("SPN %s re-added to the same object\n", spn);
+-			talloc_free(tmp_ctx);
+-			return LDB_SUCCESS;
++			continue;
+ 		}
+ 		if (ret != LDB_SUCCESS) {
+ 			DBG_ERR("SPN %s failed direct uniqueness check\n", spn);
+-- 
+2.25.1
diff --git a/samba.spec b/samba.spec
index 8eb1eadadf6fe748ec436697905dbcfd7c9f9000..7a00038504e07f16f29e5d75e95ff99a19621d09 100644
--- a/samba.spec
+++ b/samba.spec
@@ -49,7 +49,7 @@
 
 Name:           samba
 Version:        4.11.12
-Release:        10
+Release:        11
 
 Summary:        A suite for Linux to interoperate with Windows
 License:        GPLv3+ and LGPLv3+
@@ -182,6 +182,7 @@ Patch6253:       backport-0002-CVE-2021-44142.patch
 Patch6254:       backport-0003-CVE-2021-44142.patch
 Patch6255:       backport-0004-CVE-2021-44142.patch
 Patch6256:       backport-0005-CVE-2021-44142.patch
+Patch6257:       backport-CVE-2022-0336.patch
 
 BuildRequires: avahi-devel cups-devel dbus-devel docbook-style-xsl e2fsprogs-devel gawk gnupg2 gnutls-devel >= 3.4.7 gpgme-devel
 BuildRequires: jansson-devel krb5-devel >= %{required_mit_krb5} libacl-devel libaio-devel libarchive-devel libattr-devel 
@@ -3169,6 +3170,12 @@ fi
 %{_mandir}/man*
 
 %changelog
+* Mon Feb 14 2022 gaihuiying <eaglegai@163.com> - 4.11.12-11
+- Type:cves
+- ID:CVE-2022-0366
+- SUG:NA
+- DESC:backport to fix CVE-2022-0366
+
 * Tue Feb 08 2022 gaihuiying <eaglegai@163.com> - 4.11.12-10
 - Type:cves
 - ID:CVE-2021-44142