diff --git a/Makefile.rhelver b/Makefile.rhelver
index 129921321..03dd3e747 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 5
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 496
+RHEL_RELEASE = 497
 
 #
 # ZSTREAM
diff --git a/kernel.changelog b/kernel.changelog
index 0340fd189..c1bc85b2a 100644
--- a/kernel.changelog
+++ b/kernel.changelog
@@ -1,3 +1,33 @@
+* Tue Aug 13 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-497.el9]
+- Add amd-pstate-ut to the mod-internal.list (David Arcari) [RHEL-53955]
+- firmware: cs_dsp: Return error if block header overflows file (David Arcari) [RHEL-53650] {CVE-2024-42238}
+- mm: prevent derefencing NULL ptr in pfn_section_valid() (Audra Mitchell) [RHEL-51138] {CVE-2024-41055}
+- mm, kmsan: fix infinite recursion due to RCU critical section (Audra Mitchell) [RHEL-51138] {CVE-2024-41055}
+- netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51046] {CVE-2024-41042}
+- netfilter: nf_tables: allow loop termination for pending fatal signal (Phil Sutter) [RHEL-51046]
+- netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51522] {CVE-2024-42070}
+- netfilter: nft_inner: validate mandatory meta and payload (Phil Sutter) [RHEL-47486] {CVE-2024-39504}
+- netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47616] {CVE-2024-39503}
+- netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47616] {CVE-2024-39503}
+- netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47616] {CVE-2024-39503}
+- qed/qede: Fix scheduling while atomic (John Meneghini) [RHEL-9751]
+- cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (Pavel Reichl) [RHEL-51157] {CVE-2024-41057}
+- cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (Pavel Reichl) [RHEL-51163] {CVE-2024-41058}
+- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (Pavel Reichl) [RHEL-51157 RHEL-51163]
+- nvme-fabrics: use reserved tag for reg read/write command (CKI Backport Bot) [RHEL-51357] {CVE-2024-41082}
+- nvmet: always initialize cqe.result (Maurizio Lombardi) [RHEL-51334 RHEL-51335] {CVE-2024-41079}
+- nvmet: fix a possible leak when destroy a ctrl during qp establishment (Maurizio Lombardi) [RHEL-52019 RHEL-52020] {CVE-2024-42152}
+- NFSv4: Fix memory leak in nfs4_set_security_label (CKI Backport Bot) [RHEL-52083] {CVE-2024-41076}
+- xfs: don't walk off the end of a directory data block (CKI Backport Bot) [RHEL-50885] {CVE-2024-41013}
+- xfs: add bounds checking to xlog_recover_process_data (CKI Backport Bot) [RHEL-50862] {CVE-2024-41014}
+- tcp: avoid too many retransmit packets (Florian Westphal) [RHEL-48637] {CVE-2024-41007}
+- tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Florian Westphal) [RHEL-48637]
+- nfs: handle error of rpc_proc_register() in init_nfs_fs() (Scott Mayhew) [RHEL-39906] {CVE-2024-36939}
+- mm/page_table_check: fix crash on ZONE_DEVICE (Chris von Recklinghausen) [RHEL-48052] {CVE-2024-40948}
+- net: asix: add proper error handling of usb read errors (Ken Cox) [RHEL-28110] {CVE-2021-47101}
+- asix: fix uninit-value in asix_mdio_read() (Ken Cox) [RHEL-28110] {CVE-2021-47101}
+Resolves: RHEL-28110, RHEL-39906, RHEL-47486, RHEL-47616, RHEL-48052, RHEL-48637, RHEL-50862, RHEL-50885, RHEL-51046, RHEL-51138, RHEL-51157, RHEL-51163, RHEL-51334, RHEL-51335, RHEL-51357, RHEL-51522, RHEL-52019, RHEL-52020, RHEL-52083, RHEL-53650, RHEL-53955, RHEL-9751
+
 * Mon Aug 12 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-496.el9]
 - mptcp: fix possible NULL dereferences (Antoine Tenart) [RHEL-48648]
 - af_packet: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
diff --git a/kernel.spec b/kernel.spec
index bd8f391cd..00ac1fca5 100755
--- a/kernel.spec
+++ b/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 496
+%define pkgrelease 497
 %define kversion 5
-%define tarfile_release 5.14.0-496.el9
+%define tarfile_release 5.14.0-497.el9
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 496%{?buildid}%{?dist}
+%define specrelease 497%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-496.el9
+%define kabiversion 5.14.0-497.el9
 
 #
 # End of genspec.sh variables
@@ -3782,6 +3782,35 @@ fi
 #
 #
 %changelog
+* Tue Aug 13 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-497.el9]
+- Add amd-pstate-ut to the mod-internal.list (David Arcari) [RHEL-53955]
+- firmware: cs_dsp: Return error if block header overflows file (David Arcari) [RHEL-53650] {CVE-2024-42238}
+- mm: prevent derefencing NULL ptr in pfn_section_valid() (Audra Mitchell) [RHEL-51138] {CVE-2024-41055}
+- mm, kmsan: fix infinite recursion due to RCU critical section (Audra Mitchell) [RHEL-51138] {CVE-2024-41055}
+- netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51046] {CVE-2024-41042}
+- netfilter: nf_tables: allow loop termination for pending fatal signal (Phil Sutter) [RHEL-51046]
+- netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51522] {CVE-2024-42070}
+- netfilter: nft_inner: validate mandatory meta and payload (Phil Sutter) [RHEL-47486] {CVE-2024-39504}
+- netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47616] {CVE-2024-39503}
+- netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47616] {CVE-2024-39503}
+- netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47616] {CVE-2024-39503}
+- qed/qede: Fix scheduling while atomic (John Meneghini) [RHEL-9751]
+- cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (Pavel Reichl) [RHEL-51157] {CVE-2024-41057}
+- cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (Pavel Reichl) [RHEL-51163] {CVE-2024-41058}
+- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (Pavel Reichl) [RHEL-51157 RHEL-51163]
+- nvme-fabrics: use reserved tag for reg read/write command (CKI Backport Bot) [RHEL-51357] {CVE-2024-41082}
+- nvmet: always initialize cqe.result (Maurizio Lombardi) [RHEL-51334 RHEL-51335] {CVE-2024-41079}
+- nvmet: fix a possible leak when destroy a ctrl during qp establishment (Maurizio Lombardi) [RHEL-52019 RHEL-52020] {CVE-2024-42152}
+- NFSv4: Fix memory leak in nfs4_set_security_label (CKI Backport Bot) [RHEL-52083] {CVE-2024-41076}
+- xfs: don't walk off the end of a directory data block (CKI Backport Bot) [RHEL-50885] {CVE-2024-41013}
+- xfs: add bounds checking to xlog_recover_process_data (CKI Backport Bot) [RHEL-50862] {CVE-2024-41014}
+- tcp: avoid too many retransmit packets (Florian Westphal) [RHEL-48637] {CVE-2024-41007}
+- tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Florian Westphal) [RHEL-48637]
+- nfs: handle error of rpc_proc_register() in init_nfs_fs() (Scott Mayhew) [RHEL-39906] {CVE-2024-36939}
+- mm/page_table_check: fix crash on ZONE_DEVICE (Chris von Recklinghausen) [RHEL-48052] {CVE-2024-40948}
+- net: asix: add proper error handling of usb read errors (Ken Cox) [RHEL-28110] {CVE-2021-47101}
+- asix: fix uninit-value in asix_mdio_read() (Ken Cox) [RHEL-28110] {CVE-2021-47101}
+
 * Mon Aug 12 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-496.el9]
 - mptcp: fix possible NULL dereferences (Antoine Tenart) [RHEL-48648]
 - af_packet: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
diff --git a/mod-internal.list b/mod-internal.list
index 9d5710e5b..297fb2f71 100644
--- a/mod-internal.list
+++ b/mod-internal.list
@@ -94,3 +94,4 @@ checksum_kunit
 arm-smmu-v3-test
 iwlwifi-tests
 sound_kunit
+amd-pstate-ut
diff --git a/sources b/sources
index 4c99b3ccd..2b74fc559 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-496.el9.tar.xz) = 73831b355d935537945b28cd884b8514c7b3ecfc6e0ce089924523305ff3f79a72a4e276a35a61a48f4bc032a0567b8da2fc1eb46120137c5c4cdf51a9efa6a6
-SHA512 (kernel-abi-stablelists-5.14.0-496.el9.tar.bz2) = 24ba98743224ad53dc3be91ac6836f029edb57142b0458d53b641b08d55fefd26bc46a1bab6f8dd1c24913f0c296dd2f68fef5b7c9154a449d1bef535c511c64
-SHA512 (kernel-kabi-dw-5.14.0-496.el9.tar.bz2) = 3b8d80b1f7644ed93773092dbb6f02ec46b888d9408e3449d5cfe8c90350e800aeed7a1a01265e37a093100d50eb374902527ccb1efb1807ead1f59c2a28f37b
+SHA512 (linux-5.14.0-497.el9.tar.xz) = 5f9c2a78225ffd33e0397c5a8e94f7dc935f32a02c1df39de4528a7ce5707ce2601e730b2cfb9639a943681431a5e25421ed956818317ddc694ce2c76b351f6c
+SHA512 (kernel-abi-stablelists-5.14.0-497.el9.tar.bz2) = a6cb877ed2d110f886a983753b1d596f0518de9dc1a92fcecd698572b383b1f96c3cc90d61d177d285166e8d63a932bcd840308c2ede800ea9543ec5ac536630
+SHA512 (kernel-kabi-dw-5.14.0-497.el9.tar.bz2) = 7c8bcedd6f6e50780e262013dbe021e892b664c69e1608a13518cacf9fe3776da1a23a7d9e4ada46491e7190e3ccf3d0957b186baf28d820e9e47eadf245d3c8