diff --git a/.github/workflows/build-kata-static-tarball-amd64.yaml b/.github/workflows/build-kata-static-tarball-amd64.yaml
index 9bcdd81ec2..4c08b3ad4b 100644
--- a/.github/workflows/build-kata-static-tarball-amd64.yaml
+++ b/.github/workflows/build-kata-static-tarball-amd64.yaml
@@ -47,6 +47,8 @@ jobs:
           - coco-guest-components
           - firecracker
           - kernel
+          - kernel-confidential
+          - kernel-debug
           - kernel-dragonball-experimental
           - kernel-nvidia-gpu
           - nydus
diff --git a/.github/workflows/build-kata-static-tarball-arm64.yaml b/.github/workflows/build-kata-static-tarball-arm64.yaml
index 959e1597ef..5205e0768d 100644
--- a/.github/workflows/build-kata-static-tarball-arm64.yaml
+++ b/.github/workflows/build-kata-static-tarball-arm64.yaml
@@ -45,6 +45,7 @@ jobs:
           - cloud-hypervisor
           - firecracker
           - kernel
+          - kernel-debug
           - kernel-dragonball-experimental
           - kernel-nvidia-gpu
           - kernel-cca-confidential
diff --git a/.github/workflows/build-kata-static-tarball-s390x.yaml b/.github/workflows/build-kata-static-tarball-s390x.yaml
index 80a9295c6f..cf015d3d59 100644
--- a/.github/workflows/build-kata-static-tarball-s390x.yaml
+++ b/.github/workflows/build-kata-static-tarball-s390x.yaml
@@ -44,6 +44,8 @@ jobs:
           - agent
           - coco-guest-components
           - kernel
+          - kernel-confidential
+          - kernel-debug
           - pause-image
           - qemu
           - virtiofsd
diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile
index bc5a40a4dc..b54fca234e 100644
--- a/tools/packaging/kata-deploy/local-build/Makefile
+++ b/tools/packaging/kata-deploy/local-build/Makefile
@@ -20,6 +20,8 @@ endif
 ifeq ($(ARCH), x86_64)
 BASE_TARBALLS = serial-targets \
 	firecracker-tarball \
+	kernel-confidential-tarball \
+	kernel-debug-tarball \
 	kernel-dragonball-experimental-tarball \
 	kernel-nvidia-gpu-tarball \
 	kernel-tarball \
@@ -42,6 +44,7 @@ BASE_SERIAL_TARBALLS = rootfs-image-tarball \
 	cloud-hypervisor-glibc-tarball
 else ifeq ($(ARCH), s390x)
 BASE_TARBALLS = serial-targets \
+	kernel-debug-tarball \
 	kernel-tarball \
 	qemu-tarball \
 	shim-v2-tarball \
@@ -51,6 +54,7 @@ BASE_SERIAL_TARBALLS = rootfs-image-tarball \
 else ifeq ($(ARCH), aarch64)
 BASE_TARBALLS = serial-targets \
 	kernel-cca-confidential-tarball \
+	kernel-debug-tarball \
 	kernel-tarball \
 	qemu-tarball \
 	qemu-cca-experimental-tarball \
@@ -137,6 +141,12 @@ kernel-nvidia-gpu-tarball:
 kernel-tarball:
 	${MAKE} $@-build
 
+ernel-debug-tarball:
+	${MAKE} $@-build
+
+kernel-confidential-tarball:
+	${MAKE} $@-build
+
 kernel-cca-confidential-tarball:
 	${MAKE} $@-build
 
diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
index 8d0b6fbd3f..298fa2cc0a 100755
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@@ -114,6 +114,7 @@ options:
 	kata-manager
 	kernel
 	kernel-cca-confidential
+	kernel-debug
 	kernel-dragonball-experimental
 	kernel-experimental
 	kernel-nvidia-gpu
@@ -716,6 +717,15 @@ install_kernel() {
 		"${extra_cmd}"
 }
 
+install_kernel_debug() {
+	export KERNEL_DEBUG_ENABLED="yes"
+
+	install_kernel_helper \
+		"assets.kernel" \
+		"kernel-debug" \
+		""
+}
+
 install_kernel_cca_confidential() {
 	export CONFIDENTIAL_GUEST="yes"
 	export MEASURED_ROOTFS="yes"
@@ -1319,6 +1329,10 @@ handle_build() {
 
 	kernel) install_kernel ;;
 
+	kernel-confidential) install_kernel_confidential ;;
+
+	kernel-debug) install_kernel_debug ;;
+
 	kernel-cca-confidential) install_kernel_cca_confidential ;;
 
 	kernel-dragonball-experimental) install_kernel_dragonball_experimental ;;
diff --git a/tools/packaging/kernel/README.md b/tools/packaging/kernel/README.md
index 73e6738fed..22618e1b82 100644
--- a/tools/packaging/kernel/README.md
+++ b/tools/packaging/kernel/README.md
@@ -12,7 +12,8 @@ It also requires [yq](https://github.com/mikefarah/yq) version v4.40.7.
 > **Hint**: `go install github.com/mikefarah/yq/v4@latest`
 
 
-The Linux kernel scripts further require a few packages (flex, bison, and libelf-dev)
+The Linux kernel scripts further require a few packages (flex, bison, libelf-dev, and
+dwarves for BTF generation in debug kernels).
 
 
 ## Usage
@@ -73,6 +74,18 @@ containers path (`/usr/share/kata-containers/`).
 $ sudo ./build-kernel.sh install
 ```
 
+## Debug Kernel
+
+Kata Containers provides a kernel with debug configs enabled (symbols, BTF, tracing).
+
+To build this debug kernel, set `KERNEL_DEBUG_ENABLED=yes` for **all phases**:
+
+```bash
+$ KERNEL_DEBUG_ENABLED=yes ./build-kernel.sh setup
+$ KERNEL_DEBUG_ENABLED=yes ./build-kernel.sh build
+$ sudo KERNEL_DEBUG_ENABLED=yes ./build-kernel.sh install
+```
+
 ## Submit Kernel Changes
 
 Kata Containers packaging repository holds the kernel configs and patches. The
diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh
index d6fa698573..db237c01b2 100755
--- a/tools/packaging/kernel/build-kernel.sh
+++ b/tools/packaging/kernel/build-kernel.sh
@@ -583,6 +583,10 @@ install_kata() {
 		fi
 	fi
 
+	if [[ ${KERNEL_DEBUG_ENABLED} == "yes" ]]; then
+		suffix="-debug${suffix}"
+	fi
+
 	vmlinuz="vmlinuz-${kernel_version}-${config_version}${suffix}"
 	vmlinux="vmlinux-${kernel_version}-${config_version}${suffix}"