diff --git a/download b/download
index 6edd98da4b7926978750142a4b0b6ee2512f6be7..584d3ed0ceaf395aef358431c561e35d8058c09a 100644
--- a/download
+++ b/download
@@ -1,3 +1,3 @@
-e8477f2d6aa843cc1c56cf17fd148ca5  kernel-abi-stablelists-4.18.0-553.tar.bz2
+68a8c995ccf79470c26758c4a2ec6e19  kernel-abi-stablelists-4.18.0-553.tar.bz2
 dacb6c59855053065f7f64fcfb9aa828  kernel-kabi-dw-4.18.0-553.tar.bz2
-bd0e3e4cf3d14c4b738312ab7694dfe2  linux-4.18.0-553.74.1.el8_10.tar.xz
+eb988ea4b4862ddc722135e0735c40a7  linux-4.18.0-553.76.1.el8_10.tar.xz
diff --git a/kernel.spec b/kernel.spec
index 6741f157bc8fa4d62277bcfb95a96994e5b1caa0..ee5ecf48ec51ae732f6040f8dbd45d770523900e 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -39,10 +39,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.74.1.el8_10
+%define pkgrelease 553.76.1.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.74.1%{anolis_release}%{?dist}
+%define specrelease 553.76.1%{anolis_release}%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2708,9 +2708,43 @@ fi
 #
 #
 %changelog
-* Thu Sep 11 2025 Xiaoping Liu <liuxiaoping@alibaba-inc.com> - 4.18.0-553.74.1.0.1
+* Sun Sep 28 2025 Xiaoping Liu <liuxiaoping@alibaba-inc.com> - 4.18.0-553.76.1.0.1
 - kernel:repair dwarves causes kernel compilation to fail
 
+* Sun Sep 14 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.76.1.el8_10]
+- HID: core: Harden s32ton() against conversion to 0 bits (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- HID: stop exporting hid_snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- HID: simplify snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- HID: core: fix shift-out-of-bounds in hid_report_raw_event (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- use uniform permission checks for all mount propagation changes (Ian Kent) [RHEL-107299] {CVE-2025-38498}
+- do_change_type(): refuse to operate on unmounted/not ours mounts (Ian Kent) [RHEL-107299] {CVE-2025-38498}
+- xfs: make sure sb_fdblocks is non-negative (Pavel Reichl) [RHEL-104193]
+- vsock: Fix transport_* TOCTOU (CKI Backport Bot) [RHEL-105991] {CVE-2025-38461}
+
+* Tue Sep 09 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.75.1.el8_10]
+- Revert "module, async: async_synchronize_full() on module init iff async is used" (Herton R. Krzesinski) [RHEL-99812]
+- mm/page_alloc: make sure free_pcppages_bulk() bails when given count < 0 (Rafael Aquini) [RHEL-85453]
+- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
+- net/sched: ets: use old 'nbands' while purging unused classes (Ivan Vecera) [RHEL-107541] {CVE-2025-38350}
+- net_sched: sch_ets: implement lockless ets_dump() (Ivan Vecera) [RHEL-107541] {CVE-2025-38350}
+- net/sched: Always pass notifications when child class becomes empty (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
+- net_sched: ets: fix a race in ets_qdisc_change() (Ivan Vecera) [RHEL-107541] {CVE-2025-38107}
+- sch_htb: make htb_deactivate() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-37953}
+- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (Ivan Vecera) [RHEL-93376] {CVE-2025-37798}
+- sch_qfq: make qfq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
+- sch_drr: make drr_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
+- sch_htb: make htb_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-37932}
+- idpf: convert control queue mutex to a spinlock (CKI Backport Bot) [RHEL-106049] {CVE-2025-38392}
+- drm/framebuffer: Acquire internal references on GEM handles (Anusha Srivatsa) [RHEL-106684] {CVE-2025-38449}
+- drm/gem: Acquire references on GEM handles for framebuffers (Anusha Srivatsa) [RHEL-106684] {CVE-2025-38449}
+- tracing: Disable interrupt or preemption before acquiring arch_spinlock_t (partial) (Luis Claudio R. Goncalves) [RHEL-95713]
+- vmxnet3: disable rx data ring on dma allocation failure (Michal Schmidt) [RHEL-106160]
+- xfs: fix error returns from xfs_bmapi_write (Carlos Maiolino) [RHEL-93655]
+- xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space (Carlos Maiolino) [RHEL-93655]
+- net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (CKI Backport Bot) [RHEL-112239] {CVE-2023-53125}
+- net: usb: smsc75xx: Limit packet length to skb->len (CKI Backport Bot) [RHEL-112239] {CVE-2023-53125}
+- PCI: Support BAR sizes up to 8TB (Myron Stowe) [RHEL-106671]
+
 * Sun Sep 07 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.74.1.el8_10]
 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (Oleg Nesterov) [RHEL-112775] {CVE-2025-38352}