diff --git a/kernel-x86_64-debug.config b/kernel-x86_64-debug.config
index 779f1616b..213c7e212 100644
--- a/kernel-x86_64-debug.config
+++ b/kernel-x86_64-debug.config
@@ -3936,6 +3936,7 @@ CONFIG_MISDN_L1OIP=m
 CONFIG_MISDN_NETJET=m
 CONFIG_MISDN_SPEEDFAX=m
 CONFIG_MISDN_W6692=m
+CONFIG_MITIGATION_VMSCAPE=y
 CONFIG_MLX4_EN=m
 CONFIG_MLX4_EN_DCB=y
 CONFIG_MLX4_INFINIBAND=m
diff --git a/kernel-x86_64.config b/kernel-x86_64.config
index c7fc8a861..805cd4e29 100644
--- a/kernel-x86_64.config
+++ b/kernel-x86_64.config
@@ -3936,6 +3936,7 @@ CONFIG_MISDN_L1OIP=m
 CONFIG_MISDN_NETJET=m
 CONFIG_MISDN_SPEEDFAX=m
 CONFIG_MISDN_W6692=m
+CONFIG_MITIGATION_VMSCAPE=y
 CONFIG_MLX4_EN=m
 CONFIG_MLX4_EN_DCB=y
 CONFIG_MLX4_INFINIBAND=m
diff --git a/kernel.spec b/kernel.spec
index f2cb1bb99..d04497f21 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.82.1.el8_10
+%define pkgrelease 553.83.1.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.82.1%{?dist}
+%define specrelease 553.83.1%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2705,6 +2705,29 @@ fi
 #
 #
 %changelog
+* Thu Oct 30 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.83.1.el8_10]
+- fs: fix UAF/GPF bug in nilfs_mdt_destroy (Abhi Das) [RHEL-116658] {CVE-2022-50367}
+- redhat/configs: Enable CONFIG_MITIGATION_VMSCAPE for x86_64 (Waiman Long) [RHEL-114285]
+- x86/vmscape: Add old Intel CPUs to affected list (Waiman Long) [RHEL-114285] {CVE-2025-40300}
+- x86/vmscape: Warn when STIBP is disabled with SMT (Waiman Long) [RHEL-114285] {CVE-2025-40300}
+- x86/bugs: Move cpu_bugs_smt_update() down (Waiman Long) [RHEL-114285] {CVE-2025-40300}
+- x86/vmscape: Enable the mitigation (Waiman Long) [RHEL-114285] {CVE-2025-40300}
+- x86/vmscape: Add conditional IBPB mitigation (Waiman Long) [RHEL-114285] {CVE-2025-40300}
+- x86/vmscape: Enumerate VMSCAPE bug (Waiman Long) [RHEL-114285] {CVE-2025-40300}
+- Documentation/hw-vuln: Add VMSCAPE documentation (Waiman Long) [RHEL-114285] {CVE-2025-40300}
+- i40e: fix Jumbo Frame support after iPXE boot (Mohammad Heib) [RHEL-121781]
+- i40e: Report MFS in decimal base instead of hex (Mohammad Heib) [RHEL-121781]
+- i40e: Fix unexpected MFS warning message (Mohammad Heib) [RHEL-121781]
+- bitfield: Add FIELD_MODIFY() helper (Mohammad Heib) [RHEL-121781]
+- bitops: Add non-atomic bitops for pointers (Mohammad Heib) [RHEL-121781]
+- qed/qede: Fix scheduling while atomic (CKI Backport Bot) [RHEL-9757]
+- fanotify: add watchdog for permission events (Miklos Szeredi) [RHEL-123215]
+- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (Miklos Szeredi) [RHEL-123215]
+- jiffies: Define secs_to_jiffies() (Miklos Szeredi) [RHEL-123215]
+- s390/pci: Fix __pcilg_mio_inuser() inline assembly (Mete Durlu) [RHEL-105611]
+- mm: zswap: fix missing folio cleanup in writeback race path (Aristeu Rozanski) [RHEL-116239] {CVE-2023-53178}
+- mm: fix zswap writeback race condition (Aristeu Rozanski) [RHEL-116239] {CVE-2023-53178}
+
 * Thu Oct 23 2025 Alexandra Hájková <ahajkova@redhat.com> [4.18.0-553.82.1.el8_10]
 - smb: client: fix missing timestamp updates after utime(2) (Paulo Alcantara) [RHEL-109431]
 - cifs: fix leak of iface for primary channel (Paulo Alcantara) [RHEL-109546]
diff --git a/sources b/sources
index a174ad9a9..60687dcc8 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-4.18.0-553.82.1.el8_10.tar.xz) = 993e619d9d972d42ef906216dda910550386d629f6e7d90cb2636839ce73f30b1a2e868544733023b70e09531ac3d47e9a2e5b67a836f50484885c61d2e8ef06
-SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 9a27444fa9ac1e4c292b2098ba617625357a00788e17f336a3375ce33ce7aab06cf50c8db10dd84e354a41ef01016d19065e89704161d9343ccec9e07d587786
-SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 1ac5ac6985d4f141b2a06df5df02b1f75aad141c1385ce0ba69aaf2c3677d9a8fd7f5194200f071e7b93387e84963ad2a99830c85bad647a06d2cb16dd919562
+SHA512 (linux-4.18.0-553.83.1.el8_10.tar.xz) = 99a9afdc1d988ea55891d7f1263497b3e5e705f85de728341df04a4b82ecdb3f166aa35811edba727c0984a6f7c9f1ff8fdb22df26b68e069a6d2992cc8c3104
+SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = cdc6ebbf26b3780f8cf0d802e9c3698f9e10dbb146ad11604adeeb15849c0f1547b3a40ed2c442a339dad38bce72eb32829d01be8ff2da846f7d725db77a226c
+SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 79a9788af0c183f670166700354b6a188c176427a6230b8bfaa2cfdc6a4daa1418bbee98d80b7f6b3195043eeef1ffa6782d03b5a1733b65a90c22f66684941f