diff --git a/kernel.spec b/kernel.spec
index 43497865d..a367dd381 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.14.1.el8_10
+%define pkgrelease 553.15.1.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.14.1%{?dist}
+%define specrelease 553.15.1%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2696,6 +2696,28 @@ fi
 #
 #
 %changelog
+* Fri Jul 26 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.15.1.el8_10]
+- Revert "scsi: st: Add third party poweron reset handling" (John Meneghini) [RHEL-44613]
+- ionic: fix use after netif_napi_del() (CKI Backport Bot) [RHEL-47624] {CVE-2024-39502}
+- ionic: clean interrupt before enabling queue to avoid credit race (CKI Backport Bot) [RHEL-47624] {CVE-2024-39502}
+- net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change (CKI Backport Bot) [RHEL-49321] {CVE-2021-47624}
+- xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47882] {CVE-2024-40927}
+- net: openvswitch: Fix Use-After-Free in ovs_ct_exit (cki-backport-bot) [RHEL-36362] {CVE-2024-27395}
+- net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (Ivan Vecera) [RHEL-43721] {CVE-2024-36979}
+- net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (Ivan Vecera) [RHEL-43721] {CVE-2024-36979}
+- net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43721] {CVE-2024-36979}
+- irqchip/gic-v3-its: Prevent double free on error (Charles Mirabile) [RHEL-37022] {CVE-2024-35847}
+- irqchip/gic-v3-its: Fix potential VPE leak on error (Charles Mirabile) [RHEL-37744] {CVE-2021-47373}
+- i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() (Charles Mirabile) [RHEL-34735] {CVE-2022-48632}
+- iommu/dma: fix zeroing of bounce buffer padding used by untrusted devices (Eder Zulian) [RHEL-36954] {CVE-2024-35814}
+- swiotlb: remove alloc_size argument to swiotlb_tbl_map_single() (Eder Zulian) [RHEL-36954] {CVE-2024-35814}
+- swiotlb: fix swiotlb_bounce() to do partial sync's correctly (Eder Zulian) [RHEL-36954] {CVE-2024-35814}
+- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (Eder Zulian) [RHEL-36954] {CVE-2024-35814}
+- swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (Eder Zulian) [RHEL-36954] {CVE-2024-35814}
+- swiotlb: Fix alignment checks when both allocation and DMA masks are present (Eder Zulian) [RHEL-36954] {CVE-2024-35814}
+- swiotlb: Fix double-allocation of slots due to broken alignment handling (Eder Zulian) [RHEL-36954] {CVE-2024-35814}
+- genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (cki-backport-bot) [RHEL-44441] {CVE-2024-31076}
+
 * Thu Jul 25 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.14.1.el8_10]
 - s390/qeth: Fix kernel panic after setting hsuid (Mete Durlu) [RHEL-49754]
 - perf/core: Protect event sibling list locking against interrupt inversion (Daniel Vacek) [RHEL-31798]
diff --git a/sources b/sources
index b8f5e7747..4a5ab99e4 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-4.18.0-553.14.1.el8_10.tar.xz) = c885fd0eb4bdaaeea96da55ea11f06aec03072f1bc3d80a6d740de569a93ab17988ae715de14f61ae48ffb7566ea942ecba76ad66b8a82cb1cd78a707679fa38
-SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 8f4a3261844da6900fd66b0790b8b878c3c0fa2b9e2fc7f13ba557b7ee6eb0446a4480c5060d7c218b9c3f9ef45dc90efede78aafb78ce0587a7d2177efbc261
+SHA512 (linux-4.18.0-553.15.1.el8_10.tar.xz) = ea31abdc0abc1a613153fb6e38aecd2b742152d905898584350b26d1b813ef305f7810c75b58c256200689531a0757991612cac7b6d081c2db54314beec33d69
+SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 4fb6cf96f434273396fbb0ec457fde819ee387b09a2c7458cffd8874c803ebef9a314b73644dd72c8cd5c16a169fecee99a880a0e96ccd37760ce6a0926c2286
 SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf