diff --git a/.gitignore b/.gitignore
index ea4902827..5c72f8933 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,7 +2,7 @@ SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
 SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
 SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2
-SOURCES/linux-4.18.0-553.37.1.el8_10.tar.xz
+SOURCES/linux-4.18.0-553.40.1.el8_10.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
diff --git a/.kernel.metadata b/.kernel.metadata
index ec90926e9..17d2a84c9 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,8 +1,8 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-1f4f89b5b4bd3524972b94a4e23ab2bb75365ecf SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
+4e8cec0dfeb0e4e26d8dc2d6caf0f9d35eca41f1 SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
 618f2302d26295e300718d59e8551a0cdfc98022 SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2
-b8f0276361a2dd1946eed22193b0419b3f3eb722 SOURCES/linux-4.18.0-553.37.1.el8_10.tar.xz
+cc79533add11a93844354d9e3d5408a1812e47a6 SOURCES/linux-4.18.0-553.40.1.el8_10.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index c06c5e6f4..ba1e32fea 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.37.1.el8_10
+%define pkgrelease 553.40.1.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.37.1%{?dist}
+%define specrelease 553.40.1%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2696,6 +2696,23 @@ fi
 #
 #
 %changelog
+* Thu Feb 06 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.40.1.el8_10]
+- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Desnes Nunes) [RHEL-69571] {CVE-2024-53104}
+
+* Fri Jan 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.39.1.el8_10]
+- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) [RHEL-73915]
+
+* Thu Jan 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.38.1.el8_10]
+- net: usb: lan78xx: add Allied Telesis AT29M2-AF (Jose Ignacio Tornos Martinez) [RHEL-70891]
+- s390/pci: Allow allocation of more than 1 MSI interrupt (Mete Durlu) [RHEL-74385]
+- s390/pci: Refactor arch_setup_msi_irqs() (Mete Durlu) [RHEL-74385]
+- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (Mete Durlu) [RHEL-71451]
+- s390/pci: Ignore RID for isolated VFs (Mete Durlu) [RHEL-71451]
+- s390/pci: Use topology ID for multi-function devices (Mete Durlu) [RHEL-71451]
+- s390/pci: Sort PCI functions prior to creating virtual busses (Mete Durlu) [RHEL-71451]
+- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (Mete Durlu) [RHEL-74387]
+- s390/pci: Handle PCI error codes other than 0x3a (Mete Durlu) [RHEL-74383]
+
 * Fri Jan 17 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.37.1.el8_10]
 - arm64/sve: Discard stale CPU state when handling SVE traps (Mark Salter) [RHEL-71535] {CVE-2024-50275}
 - scsi: core: Handle devices which return an unusually large VPD page count (Ewan D. Milne) [RHEL-34275]