This is simply for my personal reference since I spent a lot of time figuring out how to do this simple thing
I have some RHEL 8.3 servers which I need to have security patches, but it should not upgrade to 8.4. This runs on AWS EC2 instances, and it does not have a subscription manager account. So some of the guides available in Red Hat website is not working. I also tried what is given here, but it did not work also. Eventually, I added the following line into the [main] section/etc/yum.conf and it worked.
exclude=redhat-release*
So my final yum.conf looks like this (Note that this could be different according to your needs)
[main]
gpgcheck=1
installonly_limit=3
clean_requirements_on_remove=True
best=True
skip_if_unavailable=False
exclude=redhat-release*