diff --git a/.gitignore b/.gitignore
index 80e71a0f7..142f069f8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
-SOURCES/kernel-abi-stablelists-5.14.0-503.35.1.el9_5.tar.bz2
-SOURCES/kernel-kabi-dw-5.14.0-503.35.1.el9_5.tar.bz2
-SOURCES/linux-5.14.0-503.35.1.el9_5.tar.xz
+SOURCES/kernel-abi-stablelists-5.14.0-503.38.1.el9_5.tar.bz2
+SOURCES/kernel-kabi-dw-5.14.0-503.38.1.el9_5.tar.bz2
+SOURCES/linux-5.14.0-503.38.1.el9_5.tar.xz
 SOURCES/nvidiagpuoot001.x509
 SOURCES/olima1.x509
 SOURCES/olimaca1.x509
diff --git a/.kernel.metadata b/.kernel.metadata
index 0dc335861..eab4e315c 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,6 +1,6 @@
-f582174d31fe40ab60a61820bce2bf854d6631c8 SOURCES/kernel-abi-stablelists-5.14.0-503.35.1.el9_5.tar.bz2
-75b1063f4228508c79cd7eee471778e1e8c58694 SOURCES/kernel-kabi-dw-5.14.0-503.35.1.el9_5.tar.bz2
-93f7b2e2c74baeb574054b6ea29490e08a4c8b83 SOURCES/linux-5.14.0-503.35.1.el9_5.tar.xz
+0b4db8bd47ff2129b6fe7dea4cc71838939c5831 SOURCES/kernel-abi-stablelists-5.14.0-503.38.1.el9_5.tar.bz2
+4f15f8c73195f7efaca3354972d57accfac03d85 SOURCES/kernel-kabi-dw-5.14.0-503.38.1.el9_5.tar.bz2
+84058cac8e5b933bd4c8bd1a1e33fec5a43e9154 SOURCES/linux-5.14.0-503.38.1.el9_5.tar.xz
 4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
 706ae01dd14efa38f0f565a3706acac19c78df02 SOURCES/olima1.x509
 6e3f0d61414c0b50f48dc2d4c3b3cd024e1c3a43 SOURCES/olimaca1.x509
diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver
index 5d5dcdd26..cb7ff5ce0 100644
--- a/SOURCES/Makefile.rhelver
+++ b/SOURCES/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 5
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 503.35.1
+RHEL_RELEASE = 503.38.1
 
 #
 # ZSTREAM
diff --git a/SOURCES/kernel.changelog b/SOURCES/kernel.changelog
index 5340a8bf7..821708ee4 100644
--- a/SOURCES/kernel.changelog
+++ b/SOURCES/kernel.changelog
@@ -1,3 +1,27 @@
+* Mon Apr 14 2025 Chao YE <cye@redhat.com> [5.14.0-503.38.1.el9_5]
+- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (CKI Backport Bot) [RHEL-86726] {CVE-2024-53150}
+Resolves: RHEL-86726
+
+* Sun Apr 06 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-503.37.1.el9_5]
+- scsi: core: Fix command pass through retry regression (Ewan D. Milne) [RHEL-77123]
+Resolves: RHEL-77123
+
+* Sun Mar 30 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-503.36.1.el9_5]
+- cpufreq: intel_pstate: Support Emerald Rapids OOB mode (Steve Best) [RHEL-67636]
+- cxgb4: use port number to set mac addr (Michal Schmidt) [RHEL-79672]
+- ice: stop storing XDP verdict within ice_rx_buf (Petr Oros) [RHEL-76141]
+- ice: gather page_count()'s of each frag right before XDP prog call (Petr Oros) [RHEL-76141]
+- ice: put Rx buffers after being done with current frame (Petr Oros) [RHEL-76141]
+- gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup (Joshua Washington) [RHEL-74413]
+- gve: process XSK TX descriptors as part of RX NAPI (Joshua Washington) [RHEL-74413]
+- gve: guard XSK operations on the existence of queues (Joshua Washington) [RHEL-74413] {CVE-2024-57933}
+- gve: guard XDP xmit NDO on existence of xdp queues (Joshua Washington) [RHEL-74413] {CVE-2024-57932}
+- gve: Fix an edge case for TSO skb validity check (Joshua Washington) [RHEL-74413]
+- gve: Fix XDP TX completion handling when counters overflow (Joshua Washington) [RHEL-74413]
+- gve: Clear napi->skb before dev_kfree_skb_any() (Joshua Washington) [RHEL-74413] {CVE-2024-40937}
+- gve: ignore nonrelevant GSO type bits when processing TSO headers (Joshua Washington) [RHEL-74413]
+Resolves: RHEL-67636, RHEL-74413, RHEL-76141, RHEL-79672
+
 * Sun Mar 23 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-503.35.1.el9_5]
 - cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (Mark Langsdorf) [RHEL-78643]
 - coresight: etm4x: Add ACPI support in platform driver (Mark Salter) [RHEL-80223]
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index 4ea2eedbd..b1056440f 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 503.35.1
+%define pkgrelease 503.38.1
 %define kversion 5
-%define tarfile_release 5.14.0-503.35.1.el9_5
+%define tarfile_release 5.14.0-503.38.1.el9_5
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 503.35.1%{?buildid}%{?dist}
+%define specrelease 503.38.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-503.35.1.el9_5
+%define kabiversion 5.14.0-503.38.1.el9_5
 
 #
 # End of genspec.sh variables
@@ -3795,7 +3795,7 @@ fi
 #
 #
 %changelog
-* Fri Apr 04 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 5.14.0-503.35.1
+* Fri Apr 18 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 5.14.0-503.38.1
 - hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
 - mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
 - megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024
@@ -3806,10 +3806,31 @@ fi
 - kernel/rh_messages.h: enable all disabled pci devices by moving to
   unmaintained
 
-* Fri Apr 04 2025 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-503.35.1
+* Fri Apr 18 2025 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-503.38.1
 - Use AlmaLinux OS secure boot cert
 - Debrand for AlmaLinux OS
 
+* Mon Apr 14 2025 Chao YE <cye@redhat.com> [5.14.0-503.38.1.el9_5]
+- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (CKI Backport Bot) [RHEL-86726] {CVE-2024-53150}
+
+* Sun Apr 06 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-503.37.1.el9_5]
+- scsi: core: Fix command pass through retry regression (Ewan D. Milne) [RHEL-77123]
+
+* Sun Mar 30 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-503.36.1.el9_5]
+- cpufreq: intel_pstate: Support Emerald Rapids OOB mode (Steve Best) [RHEL-67636]
+- cxgb4: use port number to set mac addr (Michal Schmidt) [RHEL-79672]
+- ice: stop storing XDP verdict within ice_rx_buf (Petr Oros) [RHEL-76141]
+- ice: gather page_count()'s of each frag right before XDP prog call (Petr Oros) [RHEL-76141]
+- ice: put Rx buffers after being done with current frame (Petr Oros) [RHEL-76141]
+- gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup (Joshua Washington) [RHEL-74413]
+- gve: process XSK TX descriptors as part of RX NAPI (Joshua Washington) [RHEL-74413]
+- gve: guard XSK operations on the existence of queues (Joshua Washington) [RHEL-74413] {CVE-2024-57933}
+- gve: guard XDP xmit NDO on existence of xdp queues (Joshua Washington) [RHEL-74413] {CVE-2024-57932}
+- gve: Fix an edge case for TSO skb validity check (Joshua Washington) [RHEL-74413]
+- gve: Fix XDP TX completion handling when counters overflow (Joshua Washington) [RHEL-74413]
+- gve: Clear napi->skb before dev_kfree_skb_any() (Joshua Washington) [RHEL-74413] {CVE-2024-40937}
+- gve: ignore nonrelevant GSO type bits when processing TSO headers (Joshua Washington) [RHEL-74413]
+
 * Sun Mar 23 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-503.35.1.el9_5]
 - cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (Mark Langsdorf) [RHEL-78643]
 - coresight: etm4x: Add ACPI support in platform driver (Mark Salter) [RHEL-80223]