diff --git a/Makefile.rhelver b/Makefile.rhelver
index a823d7f8f..2cccf762b 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 5
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 466
+RHEL_RELEASE = 467
 
 #
 # ZSTREAM
diff --git a/kernel-x86_64-debug-rhel.config b/kernel-x86_64-debug-rhel.config
index 5bd7f559e..33dab3454 100644
--- a/kernel-x86_64-debug-rhel.config
+++ b/kernel-x86_64-debug-rhel.config
@@ -3255,6 +3255,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_EN_DCB=y
diff --git a/kernel-x86_64-rhel.config b/kernel-x86_64-rhel.config
index 02bddfcc1..2e002805e 100644
--- a/kernel-x86_64-rhel.config
+++ b/kernel-x86_64-rhel.config
@@ -3235,6 +3235,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_EN_DCB=y
diff --git a/kernel-x86_64-rt-debug-rhel.config b/kernel-x86_64-rt-debug-rhel.config
index d1d70046f..81144d176 100644
--- a/kernel-x86_64-rt-debug-rhel.config
+++ b/kernel-x86_64-rt-debug-rhel.config
@@ -3312,6 +3312,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_DEBUG=y
diff --git a/kernel-x86_64-rt-rhel.config b/kernel-x86_64-rt-rhel.config
index 7121c72a3..b5e39696c 100644
--- a/kernel-x86_64-rt-rhel.config
+++ b/kernel-x86_64-rt-rhel.config
@@ -3292,6 +3292,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_DEBUG=y
diff --git a/kernel.changelog b/kernel.changelog
index 3482a92c7..8785cb03d 100644
--- a/kernel.changelog
+++ b/kernel.changelog
@@ -1,3 +1,68 @@
+* Tue Jun 18 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-467.el9]
+- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-26588] {CVE-2023-52463}
+- keys: Fix overwrite of key expiration on instantiation (David Howells) [RHEL-39708] {CVE-2024-36031}
+- cpufreq: intel_pstate: Fix unchecked HWP MSR access (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: fix struct cpudata::epp_cached kernel-doc (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: hide unused intel_pstate_cpu_oob_ids[] (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Update the maximum CPU frequency consistently (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Replace three global.turbo_disabled checks (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Use __ro_after_init for three variables (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Wait for canceled delayed work to complete (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Simplify spinlock locking (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (David Arcari) [RHEL-39731]
+- block: prevent division by zero in blk_rq_stat_sum() (Ming Lei) [RHEL-37281] {CVE-2024-35925}
+- block: fix module reference leakage from bdev_open_by_dev error path (Ming Lei) [RHEL-37000] {CVE-2024-35859}
+- net/mlx4_core: replace deprecated strncpy with strscpy (Benjamin Poirier) [RHEL-24474]
+- IB/mlx4: Fix the size of a buffer in add_port_entries() (Benjamin Poirier) [RHEL-24474]
+- mlx4: Delete custom device management logic (Benjamin Poirier) [RHEL-24474]
+- mlx4: Connect the infiniband part to the auxiliary bus (Benjamin Poirier) [RHEL-24474]
+- mlx4: Connect the ethernet part to the auxiliary bus (Benjamin Poirier) [RHEL-24474]
+- mlx4: Register mlx4 devices to an auxiliary virtual bus (Benjamin Poirier) [RHEL-24474]
+- mlx4: Avoid resetting MLX4_INTFF_BONDING per driver (Benjamin Poirier) [RHEL-24474]
+- mlx4: Move the bond work to the core driver (Benjamin Poirier) [RHEL-24474]
+- mlx4: Get rid of the mlx4_interface.activate callback (Benjamin Poirier) [RHEL-24474]
+- mlx4: Replace the mlx4_interface.event callback with a notifier (Benjamin Poirier) [RHEL-24474]
+- mlx4: Use 'void *' as the event param of mlx4_dispatch_event() (Benjamin Poirier) [RHEL-24474]
+- mlx4: Rename member mlx4_en_dev.nb to netdev_nb (Benjamin Poirier) [RHEL-24474]
+- mlx4: Get rid of the mlx4_interface.get_dev callback (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx4: Copy union directly (Benjamin Poirier) [RHEL-24474]
+- net/mlx4: Remove many unnecessary NULL values (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx: Remove unnecessary variable initializations (Benjamin Poirier) [RHEL-24474]
+- net/mlx4: clean up a type issue (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx4: Make check for invalid flags stricter (Benjamin Poirier) [RHEL-24474]
+- net/mlx4: Use bitmap_weight_and() (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx: Calling qp event handler in workqueue context (Benjamin Poirier) [RHEL-24474]
+- sched/topology: Optimize topology_span_sane() (Phil Auld) [RHEL-39277]
+- cpumask: Add for_each_cpu_from() (Phil Auld) [RHEL-39277]
+- mm/slub, kunit: Use inverted data to corrupt kmem cache (Nico Pache) [RHEL-38018]
+- drop_monitor: replace spin_lock by raw_spin_lock (Wander Lairson Costa) [RHEL-1016]
+- redhat/configs: Add CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix BHI retpoline check (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix BHI handling of RRSBA (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix BHI documentation (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix return type of spectre_bhi_state() (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Make CONFIG_SPECTRE_BHI_ON the default (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- KVM: x86: Add BHI_NO (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Mitigate KVM by default (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Add BHI mitigation knob (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Enumerate Branch History Injection (BHI) bug (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Add support for clearing branch history at syscall entry (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- perf/x86/amd/lbr: Use freeze based on availability (Waiman Long) [RHEL-28203 RHEL-28209]
+- Documentation/kernel-parameters: Add spec_rstack_overflow to mitigations=off (Waiman Long) [RHEL-28203 RHEL-28209]
+Resolves: RHEL-1016, RHEL-24474, RHEL-26588, RHEL-28203, RHEL-28209, RHEL-37000, RHEL-37281, RHEL-38018, RHEL-39277, RHEL-39708, RHEL-39731
+
 * Mon Jun 17 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-466.el9]
 - cpu/hotplug: Don't offline the last non-isolated CPU (David Arcari) [RHEL-38274] {CVE-2023-52831}
 - cpu/hotplug: Prevent self deadlock on CPU hot-unplug (David Arcari) [RHEL-38274] {CVE-2023-52831}
diff --git a/kernel.spec b/kernel.spec
index e3b4539be..9d04da4da 100755
--- a/kernel.spec
+++ b/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 466
+%define pkgrelease 467
 %define kversion 5
-%define tarfile_release 5.14.0-466.el9
+%define tarfile_release 5.14.0-467.el9
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 466%{?buildid}%{?dist}
+%define specrelease 467%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-466.el9
+%define kabiversion 5.14.0-467.el9
 
 #
 # End of genspec.sh variables
@@ -3737,6 +3737,70 @@ fi
 #
 #
 %changelog
+* Tue Jun 18 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-467.el9]
+- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-26588] {CVE-2023-52463}
+- keys: Fix overwrite of key expiration on instantiation (David Howells) [RHEL-39708] {CVE-2024-36031}
+- cpufreq: intel_pstate: Fix unchecked HWP MSR access (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: fix struct cpudata::epp_cached kernel-doc (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: hide unused intel_pstate_cpu_oob_ids[] (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Update the maximum CPU frequency consistently (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Replace three global.turbo_disabled checks (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Use __ro_after_init for three variables (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Wait for canceled delayed work to complete (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Simplify spinlock locking (David Arcari) [RHEL-39731]
+- cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (David Arcari) [RHEL-39731]
+- block: prevent division by zero in blk_rq_stat_sum() (Ming Lei) [RHEL-37281] {CVE-2024-35925}
+- block: fix module reference leakage from bdev_open_by_dev error path (Ming Lei) [RHEL-37000] {CVE-2024-35859}
+- net/mlx4_core: replace deprecated strncpy with strscpy (Benjamin Poirier) [RHEL-24474]
+- IB/mlx4: Fix the size of a buffer in add_port_entries() (Benjamin Poirier) [RHEL-24474]
+- mlx4: Delete custom device management logic (Benjamin Poirier) [RHEL-24474]
+- mlx4: Connect the infiniband part to the auxiliary bus (Benjamin Poirier) [RHEL-24474]
+- mlx4: Connect the ethernet part to the auxiliary bus (Benjamin Poirier) [RHEL-24474]
+- mlx4: Register mlx4 devices to an auxiliary virtual bus (Benjamin Poirier) [RHEL-24474]
+- mlx4: Avoid resetting MLX4_INTFF_BONDING per driver (Benjamin Poirier) [RHEL-24474]
+- mlx4: Move the bond work to the core driver (Benjamin Poirier) [RHEL-24474]
+- mlx4: Get rid of the mlx4_interface.activate callback (Benjamin Poirier) [RHEL-24474]
+- mlx4: Replace the mlx4_interface.event callback with a notifier (Benjamin Poirier) [RHEL-24474]
+- mlx4: Use 'void *' as the event param of mlx4_dispatch_event() (Benjamin Poirier) [RHEL-24474]
+- mlx4: Rename member mlx4_en_dev.nb to netdev_nb (Benjamin Poirier) [RHEL-24474]
+- mlx4: Get rid of the mlx4_interface.get_dev callback (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx4: Copy union directly (Benjamin Poirier) [RHEL-24474]
+- net/mlx4: Remove many unnecessary NULL values (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx: Remove unnecessary variable initializations (Benjamin Poirier) [RHEL-24474]
+- net/mlx4: clean up a type issue (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx4: Make check for invalid flags stricter (Benjamin Poirier) [RHEL-24474]
+- net/mlx4: Use bitmap_weight_and() (Benjamin Poirier) [RHEL-24474]
+- RDMA/mlx: Calling qp event handler in workqueue context (Benjamin Poirier) [RHEL-24474]
+- sched/topology: Optimize topology_span_sane() (Phil Auld) [RHEL-39277]
+- cpumask: Add for_each_cpu_from() (Phil Auld) [RHEL-39277]
+- mm/slub, kunit: Use inverted data to corrupt kmem cache (Nico Pache) [RHEL-38018]
+- drop_monitor: replace spin_lock by raw_spin_lock (Wander Lairson Costa) [RHEL-1016]
+- redhat/configs: Add CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix BHI retpoline check (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix BHI handling of RRSBA (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix BHI documentation (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Fix return type of spectre_bhi_state() (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Make CONFIG_SPECTRE_BHI_ON the default (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- KVM: x86: Add BHI_NO (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Mitigate KVM by default (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Add BHI mitigation knob (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Enumerate Branch History Injection (BHI) bug (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bhi: Add support for clearing branch history at syscall entry (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (Waiman Long) [RHEL-28203 RHEL-28209] {CVE-2024-2201}
+- perf/x86/amd/lbr: Use freeze based on availability (Waiman Long) [RHEL-28203 RHEL-28209]
+- Documentation/kernel-parameters: Add spec_rstack_overflow to mitigations=off (Waiman Long) [RHEL-28203 RHEL-28209]
+
 * Mon Jun 17 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-466.el9]
 - cpu/hotplug: Don't offline the last non-isolated CPU (David Arcari) [RHEL-38274] {CVE-2023-52831}
 - cpu/hotplug: Prevent self deadlock on CPU hot-unplug (David Arcari) [RHEL-38274] {CVE-2023-52831}
diff --git a/sources b/sources
index 6661f7e2c..a3bee333d 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-466.el9.tar.xz) = e38e94d1117115b3838170dade7cd0a691e91b77e5a0a3646a6fd0d2baaf84b92857c7c6dc158f3a8251ecea2048c22547f2d12ad159cba636c50417587ed4ce
-SHA512 (kernel-abi-stablelists-5.14.0-466.el9.tar.bz2) = 86e24dbd88d9a6cf53a269e927beac2b69bc0319324c2ea83f4ae51c976e05f1ce8d46a290fe13ea7ed03fc3030dd75fdf55139bff4a5bdb9208d73c34fffc3f
-SHA512 (kernel-kabi-dw-5.14.0-466.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963
+SHA512 (linux-5.14.0-467.el9.tar.xz) = bf47041b1981081fdc596cd8645959b67de8212add93ba9429b54238965abd060584991c693f3d616aa7d794d3caeb90a44b6dbc7dd465fe5a3acbafa9704d0f
+SHA512 (kernel-abi-stablelists-5.14.0-467.el9.tar.bz2) = fe0f0e7c89bc6a7793f8358a1eb9c903eff3aaf6521ce2d17dff174bd864910fbc18f7e2943c358d38de2b6e299d022e65c93dcb48bfffe0218ee4021d888bec
+SHA512 (kernel-kabi-dw-5.14.0-467.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963