diff --git a/.gitignore b/.gitignore
index b1dac20cf..57ab1f633 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,7 @@
 fedoraimaca.x509
-kernel-abi-stablelists-6.12.0-55.25.1.el10_0.tar.xz
-kernel-kabi-dw-6.12.0-55.25.1.el10_0.tar.xz
-linux-6.12.0-55.25.1.el10_0.tar.xz
+kernel-abi-stablelists-6.12.0-55.27.1.el10_0.tar.xz
+kernel-kabi-dw-6.12.0-55.27.1.el10_0.tar.xz
+linux-6.12.0-55.27.1.el10_0.tar.xz
 nvidiagpuoot001.x509
 olima1.x509
 olimaca1.x509
diff --git a/Makefile.rhelver b/Makefile.rhelver
index 86c64de27..fdf5c423f 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 0
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 55.25.1
+RHEL_RELEASE = 55.27.1
 
 #
 # RHEL_REBASE_NUM
diff --git a/kernel.spec b/kernel.spec
index e6907e675..da4fae9a5 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -162,15 +162,15 @@ Summary: The Linux kernel
 %define specrpmversion 6.12.0
 %define specversion 6.12.0
 %define patchversion 6.12
-%define pkgrelease 55.25.1
+%define pkgrelease 55.27.1
 %define kversion 6
-%define tarfile_release 6.12.0-55.25.1.el10_0
+%define tarfile_release 6.12.0-55.27.1.el10_0
 # This is needed to do merge window version magic
 %define patchlevel 12
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 55.25.1%{?buildid}%{?dist}
+%define specrelease 55.27.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 6.12.0-55.25.1.el10_0
+%define kabiversion 6.12.0-55.27.1.el10_0
 
 # If this variable is set to 1, a bpf selftests build failure will cause a
 # fatal kernel package build error
@@ -4359,7 +4359,7 @@ fi\
 #
 #
 %changelog
-* Tue Aug 12 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 6.12.0-55.25.1
+* Tue Aug 19 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 6.12.0-55.27.1
 - hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
 - mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
 - megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024
@@ -4370,10 +4370,43 @@ fi\
 - kernel/rh_messages.h: enable all disabled pci devices by moving to
   unmaintained
 
-* Tue Aug 12 2025 Eduard Abdullin <eabdullin@almalinux.org> - 6.12.0-55.25.1
+* Tue Aug 19 2025 Eduard Abdullin <eabdullin@almalinux.org> - 6.12.0-55.27.1
 - Use AlmaLinux OS secure boot cert
 - Debrand for AlmaLinux OS
 
+* Thu Aug 14 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.27.1.el10_0]
+- Bump internal version to 55.27.1
+- Fix includes for mm: fix copy_vma() error handling for hugetlb mappings
+- Revert sch_htb: make htb_qlen_notify() idempotent
+- Revert sch_drr: make drr_qlen_notify() idempotent
+- Revert sch_qfq: make qfq_qlen_notify() idempotent
+- Revert codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
+- Revert sch_htb: make htb_deactivate() idempotent
+- Revert net/sched: Always pass notifications when child class becomes empty
+- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds - CVE-2025-38159
+- Documentation: Fix pci=config_acs= example
+- PCI/ACS: Fix 'pci=config_acs=' parameter
+- Revert "smb: client: fix TCP timers deadlock after rmmod" - CVE-2025-22077
+- Revert smb: client: Fix netns refcount imbalance causing leaks and use-after-free 
+- smb: client: Fix netns refcount imbalance causing leaks and use-after-free
+- wifi: ath12k: fix invalid access to memory - CVE-2025-38292
+- x86/CPU/AMD: Terminate the erratum_1386_microcode array - CVE-2024-56721
+- crypto: algif_hash - fix double free in hash_accept - CVE-2025-38079
+- net/sched: Always pass notifications when child class becomes empty - CVE-2025-38350
+- sch_htb: make htb_deactivate() idempotent - CVE-2025-38350
+- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() - CVE-2025-38350
+- sch_qfq: make qfq_qlen_notify() idempotent - CVE-2025-38350
+- sch_drr: make drr_qlen_notify() idempotent - CVE-2025-38350
+- sch_htb: make htb_qlen_notify() idempotent - CVE-2025-38350
+- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race - CVE-2025-38085
+- mm/hugetlb: unshare page tables during VMA split, not before - CVE-2025-38084
+- tools/testing/vma: add missing function stub
+- mm: fix copy_vma() error handling for hugetlb mappings
+- PCI: Use downstream bridges for distributing resources
+- PCI/pwrctrl: Cancel outstanding rescan work when unregistering - CVE-2025-38137
+- bnxt_en: Skip MAC loopback selftest if it is unsupported by FW
+- bnxt_en: Skip PHY loopback ethtool selftest if unsupported by FW
+
 * Thu Aug 07 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.25.1.el10_0]
 - Bump internal version to 55.25.1
 - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice - CVE-2025-38001
diff --git a/sources b/sources
index 53ceb7298..c3585861e 100644
--- a/sources
+++ b/sources
@@ -1,7 +1,7 @@
 SHA512 (fedoraimaca.x509) = e04809394f4472c17e86d7024dee34f03fb68e82a85502fd5b00535202c72e57626a8376b2cf991b7e1e46404aa5ab8d189ebf320e0dd37d49e7efbc925c7a2e
-SHA512 (kernel-abi-stablelists-6.12.0-55.25.1.el10_0.tar.xz) = 6fee4a7489cd6ee6048a2299bb42052b0dad0f40d9edd6f9412286728ddc25e5fd491605c7f176284cce339660d0d2585c02e20b3460ebdef08152a70cb81c33
-SHA512 (kernel-kabi-dw-6.12.0-55.25.1.el10_0.tar.xz) = 95e56376dcb6f68300626e83bc60ca36443866f04e600f0a3eeb459435ee1f1cc3287d578209d5c1522fa0cc3e5a0c7999d573e46c9070bc0001e49c9fb8f9aa
-SHA512 (linux-6.12.0-55.25.1.el10_0.tar.xz) = 306ae54fa7d55b873784545ea000da96b61b55181f7b1d96b5cc40dbf6c339c32fa5ee0fccc5d3f8d90e976201c3c64ab32369435a9342db5b07e5062fbb168a
+SHA512 (kernel-abi-stablelists-6.12.0-55.27.1.el10_0.tar.xz) = 6fee4a7489cd6ee6048a2299bb42052b0dad0f40d9edd6f9412286728ddc25e5fd491605c7f176284cce339660d0d2585c02e20b3460ebdef08152a70cb81c33
+SHA512 (kernel-kabi-dw-6.12.0-55.27.1.el10_0.tar.xz) = 95e56376dcb6f68300626e83bc60ca36443866f04e600f0a3eeb459435ee1f1cc3287d578209d5c1522fa0cc3e5a0c7999d573e46c9070bc0001e49c9fb8f9aa
+SHA512 (linux-6.12.0-55.27.1.el10_0.tar.xz) = c746ed85a366cea5d2b5d425e9c610988909cfd5fd5d7674f22afbb0b9521e82775569005581564a16017811b2c45f07f6e72a52a7d3b481b314c3953ce15236
 SHA512 (nvidiagpuoot001.x509) = b42f836e1cfa07890cb6ca13de9c3950e306c9ec7686c4c09f050bb68869f5d82962b2cd5f3aa0eb7a0f3a3ae54e9c480eafbac5df53aa92c295ff511a8c59fe
 SHA512 (olima1.x509) = 123c26c1d698cc8523845c6e1103b9c72abf855acd225d37baf1f3388a47f912166d6d786fb367fe46de39e011b586ad7f3963aa2e8923da30a6ea9ae0d76ad3
 SHA512 (olimaca1.x509) = 3a779415fad29d6f7250ec97ab1f0a5eb62c351b724feee06b22e17f065bf74a558f32cc524d3222c4485635ae5b9cd5287855c94010fe743b51a4d954340c4c