diff --git a/.gitignore b/.gitignore
index 8699430c5..4223784c9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
-SOURCES/kernel-abi-stablelists-5.14.0-570.28.1.el9_6.tar.bz2
-SOURCES/kernel-kabi-dw-5.14.0-570.28.1.el9_6.tar.bz2
-SOURCES/linux-5.14.0-570.28.1.el9_6.tar.xz
+SOURCES/kernel-abi-stablelists-5.14.0-570.30.1.el9_6.tar.bz2
+SOURCES/kernel-kabi-dw-5.14.0-570.30.1.el9_6.tar.bz2
+SOURCES/linux-5.14.0-570.30.1.el9_6.tar.xz
 SOURCES/nvidiagpuoot001.x509
 SOURCES/olima1.x509
 SOURCES/olimaca1.x509
diff --git a/.kernel.metadata b/.kernel.metadata
index fb0522d6d..883dd42d1 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,6 +1,6 @@
-8d583a42e24b4f00b34d98c7d8776bea7db366dd SOURCES/kernel-abi-stablelists-5.14.0-570.28.1.el9_6.tar.bz2
-71459de1d332980f2e0a23876ec897847d2b4786 SOURCES/kernel-kabi-dw-5.14.0-570.28.1.el9_6.tar.bz2
-d12bc2589991e8c3262268dbbb735c7ada9a8786 SOURCES/linux-5.14.0-570.28.1.el9_6.tar.xz
+bd055e645afd241ba1d20dc1b3616f71fef342ed SOURCES/kernel-abi-stablelists-5.14.0-570.30.1.el9_6.tar.bz2
+b36f8123a1f4f332d799bf62a97fce7a2c35531c SOURCES/kernel-kabi-dw-5.14.0-570.30.1.el9_6.tar.bz2
+406a2a0cc1ced265faffecf9cc33fff45c0f2e43 SOURCES/linux-5.14.0-570.30.1.el9_6.tar.xz
 4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
 706ae01dd14efa38f0f565a3706acac19c78df02 SOURCES/olima1.x509
 6e3f0d61414c0b50f48dc2d4c3b3cd024e1c3a43 SOURCES/olimaca1.x509
diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver
index 99bfed19d..c22aecd69 100644
--- a/SOURCES/Makefile.rhelver
+++ b/SOURCES/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 6
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 570.28.1
+RHEL_RELEASE = 570.30.1
 
 #
 # ZSTREAM
diff --git a/SOURCES/kernel.changelog b/SOURCES/kernel.changelog
index 3777eb99b..f65706703 100644
--- a/SOURCES/kernel.changelog
+++ b/SOURCES/kernel.changelog
@@ -1,3 +1,29 @@
+* Thu Jul 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.30.1.el9_6]
+- net_sched: hfsc: Fix a UAF vulnerability in class handling (Davide Caratti) [RHEL-95853] {CVE-2025-37797}
+Resolves: RHEL-95853
+
+* Sat Jul 19 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.29.1.el9_6]
+- tcp: adjust rcvq_space after updating scaling ratio (Guillaume Nault) [RHEL-99145]
+- ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (CKI Backport Bot) [RHEL-93555] {CVE-2025-22121}
+- ext4: introduce ITAIL helper (CKI Backport Bot) [RHEL-93555] {CVE-2025-22121}
+- ext4: avoid journaling sb update on error if journal is destroying (Brian Foster) [RHEL-93591] {CVE-2025-22113}
+- ext4: define ext4_journal_destroy wrapper (Brian Foster) [RHEL-93591]
+- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (CKI Backport Bot) [RHEL-102093] {CVE-2025-38110}
+- smb: client: fix regression with native SMB symlinks (Paulo Alcantara) [RHEL-101953]
+- redhat/configs: remove automotive directory (Eric Chanudet) [RHEL-96365]
+- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (CKI Backport Bot) [RHEL-96715]
+- r8169: disable RTL8126 ZRX-DC timeout (CKI Backport Bot) [RHEL-96715]
+- net: ch9200: fix uninitialised access during mii_nway_restart (CKI Backport Bot) [RHEL-101212] {CVE-2025-38086}
+- media: uvcvideo: Fix double free in error path (CKI Backport Bot) [RHEL-98795] {CVE-2024-57980}
+- RDMA/mlx5: Fix page_size variable overflow (CKI Backport Bot) [RHEL-99320] {CVE-2025-22091}
+- wifi: iwlwifi: limit printed string from FW file (CKI Backport Bot) [RHEL-99384] {CVE-2025-21905}
+- RDMA/core: Fix use-after-free when rename device name (CKI Backport Bot) [RHEL-99048] {CVE-2025-22085}
+- octeon_ep: Fix host hang issue during device reboot (CKI Backport Bot) [RHEL-93251]
+- mm/huge_memory: fix dereferencing invalid pmd migration entry (Rafael Aquini) [RHEL-96368] {CVE-2025-37958}
+- octeon_ep_vf: Resolve netdevice usage count issue (CKI Backport Bot) [RHEL-93252]
+- s390/virtio_ccw: Don't allocate/assign airqs for non-existing queues (CKI Backport Bot) [RHEL-87555]
+Resolves: RHEL-101212, RHEL-101953, RHEL-102093, RHEL-87555, RHEL-93251, RHEL-93252, RHEL-93555, RHEL-93591, RHEL-96365, RHEL-96368, RHEL-96715, RHEL-98795, RHEL-99048, RHEL-99145, RHEL-99320, RHEL-99384
+
 * Tue Jul 15 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.28.1.el9_6]
 - sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (CKI Backport Bot) [RHEL-101327] {CVE-2025-38089}
 Resolves: RHEL-101327
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index de26feefa..5259949d1 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 570.28.1
+%define pkgrelease 570.30.1
 %define kversion 5
-%define tarfile_release 5.14.0-570.28.1.el9_6
+%define tarfile_release 5.14.0-570.30.1.el9_6
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 570.28.1%{?buildid}%{?dist}
+%define specrelease 570.30.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-570.28.1.el9_6
+%define kabiversion 5.14.0-570.30.1.el9_6
 
 #
 # End of genspec.sh variables
@@ -3863,7 +3863,7 @@ fi
 #
 #
 %changelog
-* Tue Jul 22 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 5.14.0-570.28.1
+* Wed Jul 30 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 5.14.0-570.30.1
 - hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
 - mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
 - megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024
@@ -3874,11 +3874,35 @@ fi
 - kernel/rh_messages.h: enable all disabled pci devices by moving to
   unmaintained
 
-* Tue Jul 22 2025 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-570.28.1
+* Wed Jul 30 2025 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-570.30.1
 - Use AlmaLinux OS secure boot cert
 - Debrand for AlmaLinux OS
 - Add KVM support for ppc64le
 
+* Thu Jul 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.30.1.el9_6]
+- net_sched: hfsc: Fix a UAF vulnerability in class handling (Davide Caratti) [RHEL-95853] {CVE-2025-37797}
+
+* Sat Jul 19 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.29.1.el9_6]
+- tcp: adjust rcvq_space after updating scaling ratio (Guillaume Nault) [RHEL-99145]
+- ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (CKI Backport Bot) [RHEL-93555] {CVE-2025-22121}
+- ext4: introduce ITAIL helper (CKI Backport Bot) [RHEL-93555] {CVE-2025-22121}
+- ext4: avoid journaling sb update on error if journal is destroying (Brian Foster) [RHEL-93591] {CVE-2025-22113}
+- ext4: define ext4_journal_destroy wrapper (Brian Foster) [RHEL-93591]
+- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (CKI Backport Bot) [RHEL-102093] {CVE-2025-38110}
+- smb: client: fix regression with native SMB symlinks (Paulo Alcantara) [RHEL-101953]
+- redhat/configs: remove automotive directory (Eric Chanudet) [RHEL-96365]
+- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (CKI Backport Bot) [RHEL-96715]
+- r8169: disable RTL8126 ZRX-DC timeout (CKI Backport Bot) [RHEL-96715]
+- net: ch9200: fix uninitialised access during mii_nway_restart (CKI Backport Bot) [RHEL-101212] {CVE-2025-38086}
+- media: uvcvideo: Fix double free in error path (CKI Backport Bot) [RHEL-98795] {CVE-2024-57980}
+- RDMA/mlx5: Fix page_size variable overflow (CKI Backport Bot) [RHEL-99320] {CVE-2025-22091}
+- wifi: iwlwifi: limit printed string from FW file (CKI Backport Bot) [RHEL-99384] {CVE-2025-21905}
+- RDMA/core: Fix use-after-free when rename device name (CKI Backport Bot) [RHEL-99048] {CVE-2025-22085}
+- octeon_ep: Fix host hang issue during device reboot (CKI Backport Bot) [RHEL-93251]
+- mm/huge_memory: fix dereferencing invalid pmd migration entry (Rafael Aquini) [RHEL-96368] {CVE-2025-37958}
+- octeon_ep_vf: Resolve netdevice usage count issue (CKI Backport Bot) [RHEL-93252]
+- s390/virtio_ccw: Don't allocate/assign airqs for non-existing queues (CKI Backport Bot) [RHEL-87555]
+
 * Tue Jul 15 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.28.1.el9_6]
 - sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (CKI Backport Bot) [RHEL-101327] {CVE-2025-38089}