diff --git a/.kernel.checksum b/.kernel.checksum
index 6b0d5eccad0719fb9223747757effff3ff0fa873..aa6b15d5235ab421d5af3442cfaaeebbc4823862 100644
--- a/.kernel.checksum
+++ b/.kernel.checksum
@@ -1 +1 @@
-b3075754a73b89e92cbf109e51ee9a3929a2ca89054966bc378e4c667a96d1ca
+6fa1b3fdffff3c4b47b94a58282ce22c365df08c1d886221d4b6bfc6242d8188
diff --git a/.kernel.metadata b/.kernel.metadata
index 7ab5188e2aa52fccd8750b6feb459c875e8154ee..0d2a82c35729a8cd0943911a2909e5497b92a93f 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,3 +1,3 @@
-b84acf41dad1d5eccae62fe3e8944bef1730c88d841c27dabb40355328ab4e86 SOURCES/kernel-abi-stablelists-5.14.0-503.29.1.el9_5.tar.bz2
-285afcc2dffa956e42c0131da4bb0fddfcf6a612ba03331e3e834be3e04e142e SOURCES/kernel-kabi-dw-5.14.0-503.29.1.el9_5.tar.bz2
-437153107ad0e394a671585a2cbe90f32d9dfd9b8f4ad64105d4e82862ece2b0 SOURCES/linux-5.14.0-503.29.1.el9_5.tar.xz
+803d7366c5ec1b1a106d52e64b3f4585abf64556b5066a94fbb71ad31bd4aab3 SOURCES/kernel-abi-stablelists-5.14.0-503.31.1.el9_5.tar.bz2
+e69f87c757bc47b5e763e2e524e2f7bb0b11aa7c24d9fb8deda010de76abc91a SOURCES/kernel-kabi-dw-5.14.0-503.31.1.el9_5.tar.bz2
+56a08ad990da56389d04f887f6a488d10da2f199748fba99f15250239b2e5e74 SOURCES/linux-5.14.0-503.31.1.el9_5.tar.xz
diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver
index a89c2c06278ba92926106fef7757f061882f186d..f7bfc93b07a4856cf41fddbf393b73cdcd56092c 100644
--- a/SOURCES/Makefile.rhelver
+++ b/SOURCES/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 5
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 503.29.1
+RHEL_RELEASE = 503.31.1
 
 #
 # ZSTREAM
diff --git a/SOURCES/kernel.changelog b/SOURCES/kernel.changelog
index e8f21bf8d69fe1bb7cfabacd5fd485737988ff16..8a961d2bfa9f0abfbf64f4b8c385dd4815e4cbff 100644
--- a/SOURCES/kernel.changelog
+++ b/SOURCES/kernel.changelog
@@ -1,3 +1,51 @@
+* Thu Mar 06 2025 Chao YE <cye@redhat.com> [5.14.0-503.31.1.el9_5]
+- HID: core: zero-initialize the report buffer (Benjamin Tissoires) [RHEL-81838] {CVE-2024-50302}
+- x86/kaslr: Expose and use the end of the physical memory address space (Waiman Long) [RHEL-70002]
+- ALSA: usb-audio: Fix a DMA to stack memory bug (Jaroslav Kysela) [RHEL-81799]
+- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81799]
+- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Jaroslav Kysela) [RHEL-81799] {CVE-2024-53197}
+- ALSA: usb-audio: Add sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81799]
+- x86/kexec: Add EFI config table identity mapping for kexec kernel (Jay Shin) [RHEL-74170]
+- mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (Jay Shin) [RHEL-73210] {CVE-2024-53113}
+- can: bcm: Fix UAF in bcm_proc_show() (CKI KWF BOT) [RHEL-80746] {CVE-2023-52922}
+- smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-80526]
+- hugetlb: prioritize surplus allocation from current node (Aristeu Rozanski) [RHEL-77488]
+- dev: Acquire netdev_rename_lock before restoring dev->name in dev_change_name(). (Antoine Tenart) [RHEL-77338]
+- net: add softirq safety to netdev_rename_lock (Antoine Tenart) [RHEL-77343]
+- arp: Convert ioctl(SIOCGARP) to RCU. (Antoine Tenart) [RHEL-77343]
+- net: Protect dev->name by seqlock. (Antoine Tenart) [RHEL-77343]
+- net: Remove unused declaration dev_restart() (Antoine Tenart) [RHEL-77343]
+- arp: Get dev after calling arp_req_(delete|set|get)(). (Antoine Tenart) [RHEL-77343]
+- arp: Remove a nest in arp_req_get(). (Antoine Tenart) [RHEL-77343]
+- arp: Factorise ip_route_output() call in arp_req_set() and arp_req_delete(). (Antoine Tenart) [RHEL-77343]
+- arp: Validate netmask earlier for SIOCDARP and SIOCSARP in arp_ioctl(). (Antoine Tenart) [RHEL-77343]
+- arp: Move ATF_COM setting in arp_req_set(). (Antoine Tenart) [RHEL-77343]
+- ACPI: extlog: fix NULL pointer dereference check (Mark Langsdorf) [RHEL-75250] {CVE-2023-52605}
+- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-75461] {CVE-2024-50264}
+- x86/pci: Skip early E820 check for ECAM region (CKI Backport Bot) [RHEL-67065]
+- cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids (Steve Best) [RHEL-64291]
+Resolves: RHEL-64291, RHEL-67065, RHEL-70002, RHEL-73210, RHEL-74170, RHEL-75250, RHEL-75461, RHEL-77338, RHEL-77343, RHEL-77488, RHEL-80526, RHEL-80746, RHEL-81799, RHEL-81838
+
+* Sun Mar 02 2025 Patrick Talbert <ptalbert@redhat.com> [5.14.0-503.30.1.el9_5]
+- can: bcm: Fix UAF in bcm_proc_show() (CKI KWF BOT) [RHEL-80746] {CVE-2023-52922}
+- smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-80526]
+- hugetlb: prioritize surplus allocation from current node (Aristeu Rozanski) [RHEL-77488]
+- dev: Acquire netdev_rename_lock before restoring dev->name in dev_change_name(). (Antoine Tenart) [RHEL-77338]
+- net: add softirq safety to netdev_rename_lock (Antoine Tenart) [RHEL-77343]
+- arp: Convert ioctl(SIOCGARP) to RCU. (Antoine Tenart) [RHEL-77343]
+- net: Protect dev->name by seqlock. (Antoine Tenart) [RHEL-77343]
+- net: Remove unused declaration dev_restart() (Antoine Tenart) [RHEL-77343]
+- arp: Get dev after calling arp_req_(delete|set|get)(). (Antoine Tenart) [RHEL-77343]
+- arp: Remove a nest in arp_req_get(). (Antoine Tenart) [RHEL-77343]
+- arp: Factorise ip_route_output() call in arp_req_set() and arp_req_delete(). (Antoine Tenart) [RHEL-77343]
+- arp: Validate netmask earlier for SIOCDARP and SIOCSARP in arp_ioctl(). (Antoine Tenart) [RHEL-77343]
+- arp: Move ATF_COM setting in arp_req_set(). (Antoine Tenart) [RHEL-77343]
+- ACPI: extlog: fix NULL pointer dereference check (Mark Langsdorf) [RHEL-75250] {CVE-2023-52605}
+- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-75461] {CVE-2024-50264}
+- x86/pci: Skip early E820 check for ECAM region (CKI Backport Bot) [RHEL-67065]
+- cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids (Steve Best) [RHEL-64291]
+Resolves: RHEL-64291, RHEL-67065, RHEL-75250, RHEL-75461, RHEL-77338, RHEL-77343, RHEL-77488, RHEL-80526, RHEL-80746
+
 * Tue Feb 25 2025 Chao YE <cye@redhat.com> [5.14.0-503.29.1.el9_5]
 - rhel-9.5: gate on kernel-qe tests results not cki ones (Bruno Goncalves)
 - ice: implement low latency PHY timer updates (Petr Oros) [RHEL-75466]
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index 3968d661f376ac23e0468d84665790f3ba031f95..ae4b74a9589ad787f6a0b4b83bca6d8b118ffbfc 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 503.29.1
+%define pkgrelease 503.31.1
 %define kversion 5
-%define tarfile_release 5.14.0-503.29.1.el9_5
+%define tarfile_release 5.14.0-503.31.1.el9_5
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 503.29.1%{?buildid}%{?dist}
+%define specrelease 503.31.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-503.29.1.el9_5
+%define kabiversion 5.14.0-503.31.1.el9_5
 
 #
 # End of genspec.sh variables
@@ -3794,10 +3794,56 @@ fi
 #
 #
 %changelog
-* Wed Mar 05 2025 Release Engineering <releng@rockylinux.org> - 5.14.0-503.29.1
+* Tue Mar 11 2025 Release Engineering <releng@rockylinux.org> - 5.14.0-503.31.1
 - Porting to Rocky Linux 9, debranding and Rocky branding
 - Ensure aarch64 kernel is not compressed
 
+* Thu Mar 06 2025 Chao YE <cye@redhat.com> [5.14.0-503.31.1.el9_5]
+- HID: core: zero-initialize the report buffer (Benjamin Tissoires) [RHEL-81838] {CVE-2024-50302}
+- x86/kaslr: Expose and use the end of the physical memory address space (Waiman Long) [RHEL-70002]
+- ALSA: usb-audio: Fix a DMA to stack memory bug (Jaroslav Kysela) [RHEL-81799]
+- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81799]
+- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Jaroslav Kysela) [RHEL-81799] {CVE-2024-53197}
+- ALSA: usb-audio: Add sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81799]
+- x86/kexec: Add EFI config table identity mapping for kexec kernel (Jay Shin) [RHEL-74170]
+- mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (Jay Shin) [RHEL-73210] {CVE-2024-53113}
+- can: bcm: Fix UAF in bcm_proc_show() (CKI KWF BOT) [RHEL-80746] {CVE-2023-52922}
+- smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-80526]
+- hugetlb: prioritize surplus allocation from current node (Aristeu Rozanski) [RHEL-77488]
+- dev: Acquire netdev_rename_lock before restoring dev->name in dev_change_name(). (Antoine Tenart) [RHEL-77338]
+- net: add softirq safety to netdev_rename_lock (Antoine Tenart) [RHEL-77343]
+- arp: Convert ioctl(SIOCGARP) to RCU. (Antoine Tenart) [RHEL-77343]
+- net: Protect dev->name by seqlock. (Antoine Tenart) [RHEL-77343]
+- net: Remove unused declaration dev_restart() (Antoine Tenart) [RHEL-77343]
+- arp: Get dev after calling arp_req_(delete|set|get)(). (Antoine Tenart) [RHEL-77343]
+- arp: Remove a nest in arp_req_get(). (Antoine Tenart) [RHEL-77343]
+- arp: Factorise ip_route_output() call in arp_req_set() and arp_req_delete(). (Antoine Tenart) [RHEL-77343]
+- arp: Validate netmask earlier for SIOCDARP and SIOCSARP in arp_ioctl(). (Antoine Tenart) [RHEL-77343]
+- arp: Move ATF_COM setting in arp_req_set(). (Antoine Tenart) [RHEL-77343]
+- ACPI: extlog: fix NULL pointer dereference check (Mark Langsdorf) [RHEL-75250] {CVE-2023-52605}
+- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-75461] {CVE-2024-50264}
+- x86/pci: Skip early E820 check for ECAM region (CKI Backport Bot) [RHEL-67065]
+- cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids (Steve Best) [RHEL-64291]
+
+* Sun Mar 02 2025 Patrick Talbert <ptalbert@redhat.com> [5.14.0-503.30.1.el9_5]
+- can: bcm: Fix UAF in bcm_proc_show() (CKI KWF BOT) [RHEL-80746] {CVE-2023-52922}
+- smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-80526]
+- hugetlb: prioritize surplus allocation from current node (Aristeu Rozanski) [RHEL-77488]
+- dev: Acquire netdev_rename_lock before restoring dev->name in dev_change_name(). (Antoine Tenart) [RHEL-77338]
+- net: add softirq safety to netdev_rename_lock (Antoine Tenart) [RHEL-77343]
+- arp: Convert ioctl(SIOCGARP) to RCU. (Antoine Tenart) [RHEL-77343]
+- net: Protect dev->name by seqlock. (Antoine Tenart) [RHEL-77343]
+- net: Remove unused declaration dev_restart() (Antoine Tenart) [RHEL-77343]
+- arp: Get dev after calling arp_req_(delete|set|get)(). (Antoine Tenart) [RHEL-77343]
+- arp: Remove a nest in arp_req_get(). (Antoine Tenart) [RHEL-77343]
+- arp: Factorise ip_route_output() call in arp_req_set() and arp_req_delete(). (Antoine Tenart) [RHEL-77343]
+- arp: Validate netmask earlier for SIOCDARP and SIOCSARP in arp_ioctl(). (Antoine Tenart) [RHEL-77343]
+- arp: Move ATF_COM setting in arp_req_set(). (Antoine Tenart) [RHEL-77343]
+- ACPI: extlog: fix NULL pointer dereference check (Mark Langsdorf) [RHEL-75250] {CVE-2023-52605}
+- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-75461] {CVE-2024-50264}
+- x86/pci: Skip early E820 check for ECAM region (CKI Backport Bot) [RHEL-67065]
+- cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids (Steve Best) [RHEL-64291]
+
 * Tue Feb 25 2025 Chao YE <cye@redhat.com> [5.14.0-503.29.1.el9_5]
 - rhel-9.5: gate on kernel-qe tests results not cki ones (Bruno Goncalves)
 - ice: implement low latency PHY timer updates (Petr Oros) [RHEL-75466]