diff --git a/.gitignore b/.gitignore
index a5bdac5..4727467 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
 SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
-SOURCES/linux-4.18.0-513.11.1.rt7.313.el8_9.tar.xz
+SOURCES/linux-4.18.0-513.18.1.rt7.320.el8_9.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata
index db92825..520aab3 100644
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@@ -1,6 +1,6 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-2bddd87781b3d0020cc4555816d182b42f5e3910 SOURCES/linux-4.18.0-513.11.1.rt7.313.el8_9.tar.xz
+97f2ebbbe1fd149548ed2eb5d49dbb2590d1fed1 SOURCES/linux-4.18.0-513.18.1.rt7.320.el8_9.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index 5a1dd26..ab6d369 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 513.11.1.rt7.313.el8_9
+%define pkgrelease 513.18.1.rt7.320.el8_9
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 513.11.1.rt7.313%{?dist}
+%define specrelease 513.18.1.rt7.320%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .313
+%global rtbuild .320
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@@ -2699,6 +2699,78 @@ fi
 #
 #
 %changelog
+* Thu Feb 01 2024 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.18.1.rt7.320.el8_9]
+- [rt] build kernel-rt-4.18.0-513.18.1.rt7.320.el8_9 [RHEL-19561]
+- net: tls, update curr on splice as well (Sabrina Dubroca) [RHEL-22102 RHEL-19068] {CVE-2024-0646}
+- smb: client: fix potential OOB in smb2_dump_detail() (Scott Mayhew) [RHEL-21675 RHEL-19145] {CVE-2023-6610}
+- smb: client: fix potential OOB in cifs_dump_detail() (Scott Mayhew) [RHEL-21675 RHEL-19145] {CVE-2023-6610}
+- nvmet-tcp: Fix the H2C expected PDU len calculation (Maurizio Lombardi) [RHEL-22296 RHEL-22633 RHEL-22639 RHEL-19154 RHEL-19160 RHEL-19166] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
+- nvmet-tcp: remove boilerplate code (Maurizio Lombardi) [RHEL-22296 RHEL-22633 RHEL-22639 RHEL-19154 RHEL-19160 RHEL-19166] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
+- nvmet-tcp: fix a crash in nvmet_req_complete() (Maurizio Lombardi) [RHEL-22296 RHEL-22633 RHEL-22639 RHEL-19154 RHEL-19160 RHEL-19166] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
+- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length (Maurizio Lombardi) [RHEL-22296 RHEL-22633 RHEL-22639 RHEL-19154 RHEL-19160 RHEL-19166] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
+- net-sysfs: add check for netdevice being present to speed_show (Michal Schmidt) [RHEL-20924 RHEL-16007]
+- netfilter: nft_set_pipapo: skip inactive elements during set walk (Florian Westphal) [RHEL-20706 RHEL-19960] {CVE-2023-6817}
+
+* Thu Jan 25 2024 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.17.1.rt7.319.el8_9]
+- [rt] build kernel-rt-4.18.0-513.17.1.rt7.319.el8_9 [RHEL-19561]
+- redhat: rewrite genlog and support Y- tags (Jan Stancek)
+- smb: client: fix OOB in smbCalcSize() (Scott Mayhew) [RHEL-21667 RHEL-18991] {CVE-2023-6606}
+- s390/qeth: Don't call dev_close/dev_open (DOWN/UP) (Tobias Huschle) [RHEL-17884 RHEL-2410]
+- blk-mq: use quiesced elevator switch when reinitializing queues (Ming Lei) [RHEL-21785 RHEL-19944]
+- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (Ming Lei) [RHEL-20232 RHEL-8128]
+
+* Thu Jan 18 2024 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.16.1.rt7.318.el8_9]
+- [rt] build kernel-rt-4.18.0-513.16.1.rt7.318.el8_9 [RHEL-19561]
+- tracing/timerlat: Add user-space interface (Chris White) [RHEL-20362 RHEL-15142]
+- tracing/osnoise: Skip running osnoise if all instances are off (Chris White) [RHEL-20362 RHEL-15142]
+- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (Chris White) [RHEL-20362 RHEL-15142]
+- tracing/timerlat: Always wakeup the timerlat thread (Chris White) [RHEL-20362 RHEL-15142]
+- tracing/osnoise: Fix notify new tracing_max_latency (Chris White) [RHEL-20362 RHEL-15142]
+- tracing/timerlat: Notify new max thread latency (Chris White) [RHEL-20362 RHEL-15142]
+- trace/osnoise: make use of the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142]
+- kthread: add the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142]
+- x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing (Prarit Bhargava) [RHEL-7238 RHEL-4244]
+- HID: check empty report_list in hid_validate_values() (Desnes Nunes) [RHEL-19268 RHEL-19260] {CVE-2023-1073}
+- s390/dasd: print copy pair message only for the correct error (Tobias Huschle) [RHEL-9444 RHEL-2831]
+- blk-mq: don't count completed flush data request as inflight in case of quiesce (Ming Lei) [RHEL-19111 RHEL-18055]
+
+* Thu Jan 11 2024 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.15.1.rt7.317.el8_9]
+- [rt] build kernel-rt-4.18.0-513.15.1.rt7.317.el8_9 [RHEL-19561]
+- IB/ipoib: Fix mcast list locking (Daniel Vacek) [RHEL-19699 RHEL-19244]
+- RDMA/IPoIB: Fix error code return in ipoib_mcast_join (Daniel Vacek) [RHEL-19699 RHEL-19244]
+- x86/sev: Check for user-space IOIO pointing to kernel space (Wander Lairson Costa) [RHEL-18017 RHEL-14979] {CVE-2023-46813}
+- x86/sev: Check IOBM for IOIO exceptions from user-space (Wander Lairson Costa) [RHEL-18017 RHEL-14979] {CVE-2023-46813}
+- x86/sev: Disable MMIO emulation from user mode (Wander Lairson Costa) [RHEL-18017 RHEL-14979] {CVE-2023-46813}
+- x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (Wander Lairson Costa) [RHEL-18017 RHEL-14979] {CVE-2023-46813}
+
+* Thu Jan 04 2024 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.14.1.rt7.316.el8_9]
+- [rt] build kernel-rt-4.18.0-513.14.1.rt7.316.el8_9 [RHEL-19561]
+- nfp: fix use-after-free in area_cache_get() (Ricardo Robaina) [RHEL-19533 RHEL-7242] {CVE-2022-3545}
+- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (David Marlin) [RHEL-20501 RHEL-2716] {CVE-2023-40283}
+- md/raid5: release batch_last before waiting for another stripe_head (Nigel Croxon) [RHEL-12284 RHEL-9875]
+
+* Thu Dec 21 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.13.1.rt7.315.el8_9]
+- [rt] build kernel-rt-4.18.0-513.12.1.rt7.314.el8_9 [RHEL-19561]
+- Fix double fget() in vhost_net_set_backend() (Jon Maloy) [RHEL-13229 RHEL-7266] {CVE-2023-1838}
+- can: af_can: fix NULL pointer dereference in can_rcv_filter (Ricardo Robaina) [RHEL-19523 RHEL-7053] {CVE-2023-2166}
+- RDMA/core: Update CMA destination address on rdma_resolve_addr (Kamal Heib) [RHEL-19407 RHEL-7243] {CVE-2023-2176}
+- RDMA/core: Refactor rdma_bind_addr (Kamal Heib) [RHEL-19407 RHEL-7243] {CVE-2023-2176}
+- net: fix net device address assign type (Michal Schmidt) [RHEL-17296 RHEL-6383]
+- net: add check for current MAC address in dev_set_mac_address (Michal Schmidt) [RHEL-17296 RHEL-6383]
+- perf/core: Fix potential NULL deref (Wander Lairson Costa) [RHEL-18007 RHEL-14983] {CVE-2023-5717}
+- perf: Disallow mis-matched inherited group reads (Wander Lairson Costa) [RHEL-18007 RHEL-14983] {CVE-2023-5717}
+- drivers: net: slip: fix NPD bug in sl_tx_timeout() (Michal Schmidt) [RHEL-19026 RHEL-7240] {CVE-2022-41858}
+
+* Fri Dec 15 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.12.1.rt7.314.el8_9]
+- [rt] build kernel-rt-4.18.0-513.12.1.rt7.314.el8_9 [RHEL-19561]
+- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve (Davide Caratti) [RHEL-16859 RHEL-16616] {CVE-2023-4623}
+- net/sched: sch_hfsc: Ensure inner classes have fsc curve (Davide Caratti) [RHEL-16859 RHEL-16616] {CVE-2023-4623}
+- net: sched: sch_qfq: Use non-work-conserving warning handler (Davide Caratti) [RHEL-14423 RHEL-16616] {CVE-2023-4921}
+- net: sched: sch_qfq: Fix UAF in qfq_dequeue() (Davide Caratti) [RHEL-14423 RHEL-16616] {CVE-2023-4921}
+- net/tls: Remove the context from the list in tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301]
+- tls: Fix context leak on tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301]
+- igb: set max size RX buffer when store bad packet is enabled (Wander Lairson Costa) [RHEL-15198 RHEL-15199] {CVE-2023-45871}
+
 * Thu Dec 07 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.11.1.rt7.313.el8_9]
 - [rt] build kernel-rt-4.18.0-513.11.1.rt7.313.el8_9 [RHEL-17347]
 - redhat: fix to be able to build with rpm 4.19.0 (Denys Vlasenko)