diff --git a/kernel.spec b/kernel.spec
index 9bcfeac55..93bd49e51 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.101.1.el8_10
+%define pkgrelease 553.102.1.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.101.1%{?dist}
+%define specrelease 553.102.1%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2705,6 +2705,25 @@ fi
 #
 #
 %changelog
+* Sat Jan 31 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.102.1.el8_10]
+- nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (CKI Backport Bot) [RHEL-144327] {CVE-2026-22998}
+- NFSv4: ensure the open stateid seqid doesn't go backwards (Scott Mayhew) [RHEL-121683]
+- audit: Avoid excessive dput/dget in audit_context setup and reset paths (Waiman Long) [RHEL-140776]
+- lockref: remove lockref_put_not_zero (Waiman Long) [RHEL-140776]
+- lockref: stop doing cpu_relax in the cmpxchg loop (Waiman Long) [RHEL-140776]
+- lockref: remove unused 'lockref_get_or_lock()' function (Waiman Long) [RHEL-140776]
+- lockref: Limit number of cmpxchg loop retries (Waiman Long) [RHEL-140776]
+- net: use dst_dev_rcu() in sk_setup_caps() (Hangbin Liu) [RHEL-129079] {CVE-2025-40170}
+- ipv6: use RCU in ip6_xmit() (Hangbin Liu) [RHEL-129004] {CVE-2025-40135}
+- ipv6: use RCU in ip6_output() (Hangbin Liu) [RHEL-128966] {CVE-2025-40158}
+- net: dst: introduce dst->dev_rcu (Hangbin Liu) [RHEL-128966]
+- net: Add locking to protect skb->dev access in ip_output (Hangbin Liu) [RHEL-128966]
+- net: dst: add four helpers to annotate data-races around dst->dev (Hangbin Liu) [RHEL-128966]
+- ipv4: use RCU protection in __ip_rt_update_pmtu() (Hangbin Liu) [RHEL-128966] {CVE-2025-21766}
+- net: gain ipv4 mtu when mtu is not locked (Hangbin Liu) [RHEL-128966]
+- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (Hangbin Liu) [RHEL-128966]
+- ipv4: add RCU protection to ip4_dst_hoplimit() (Hangbin Liu) [RHEL-128966]
+
 * Thu Jan 29 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.101.1.el8_10]
 - i40e: avoid redundant VF link state updates (CKI Backport Bot) [RHEL-141878]
 - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CKI Backport Bot) [RHEL-140255] {CVE-2025-68349}
diff --git a/sources b/sources
index 4848b6c4a..fff16f7cf 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-4.18.0-553.101.1.el8_10.tar.xz) = 814c1c031ce9e02bde28e876017bbbac753764f832bbc06e8e53ba9269c7ae57a33102579fb6f260c2a0defe87a938d28f8a76d00d864ecb21f04c77ce05a552
-SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 5b2f1fae71a35f357f5430fce58e1104309e8b75518bf7bba0ade6b3be0f8b09032ec4d74baef9b5fdf6aecb66de6e080681b88a6753db978d708b78360067c3
-SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 90b2191ab44de97061b8d6a296b4d4601a1539d45c6a5e39b8441c2e2a18e33d31d88e1730e9e10212e38e9c45f9619a64aad5030b545a1099f0c649937eb6c4
+SHA512 (linux-4.18.0-553.102.1.el8_10.tar.xz) = 00e25417b6bee3c0153a9a3a4791d796893a386c7570cc8dfc686a8b7c830ad682f908a2ec53ef255cdf9ed03cd76ac7903b7fb439a3709c3eede53e54351772
+SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = c3e8933a11a7a923b2b02b81841c8ed441f2ad405cbbd567dbb3396bf528f2a04482f3dc039de34606c3355e4124fa8506d21df7125b5a964117f73ae393da9e
+SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 6b85a8577559a3ad75b736d5a146f53b3885985f548f3c6d604c4c3855d41265d888e701f64d8af5c5dd196921b1f06ebbbf639f0b752a6441f3e200b5129447