Kubernetes version notes

Each GKE on AWS release comes with Kubernetes version notes. These are similar to release notes but are specific to a Kubernetes version and might offer more technical detail.

GKE on AWS supports the Kubernetes versions listed in the following sections. If a version isn't included in this file, it's unsupported.

Kubernetes 1.32

1.32.4-gke.200

Kubernetes OSS release notes

• Security Fixes
  • Fixed CVE-2016-1585
  • Fixed CVE-2024-11053
  • Fixed CVE-2024-35255
  • Fixed CVE-2024-3596
  • Fixed CVE-2024-37370
  • Fixed CVE-2024-37371
  • Fixed CVE-2024-45310
  • Fixed CVE-2024-53164
  • Fixed CVE-2024-53164
  • Fixed CVE-2024-56770
  • Fixed CVE-2024-6119
  • Fixed CVE-2024-8096
  • Fixed CVE-2024-9681
  • Fixed CVE-2025-1094
  • Fixed CVE-2025-1094
  • Fixed CVE-2025-1352
  • Fixed CVE-2025-1372
  • Fixed CVE-2025-1376
  • Fixed CVE-2025-1377
  • Fixed CVE-2025-21700
  • Fixed CVE-2025-21701
  • Fixed CVE-2025-21702
  • Fixed CVE-2025-21703
  • Fixed CVE-2025-21756
  • Fixed CVE-2025-31115
  • Fixed CVE-2025-4207

Kubernetes 1.31

1.31.7-gke.1000

Kubernetes OSS release notes

• Security Fixes
  • Fixed CVE-2024-53164
  • Fixed CVE-2024-56770
  • Fixed CVE-2025-21700
  • Fixed CVE-2025-21701
  • Fixed CVE-2025-21702
  • Fixed CVE-2025-21756
  • Fixed CVE-2025-31115
  • Fixed CVE-2025-4207

1.31.6-gke.200

Kubernetes OSS release notes

• Security Fixes

  • Fixed CVE-2016-1585
  • Fixed CVE-2024-11053
  • Fixed CVE-2024-3596
  • Fixed CVE-2024-37370
  • Fixed CVE-2024-37371
  • Fixed CVE-2024-6119
  • Fixed CVE-2024-8096
  • Fixed CVE-2024-9681
  • Fixed CVE-2025-1094

1.31.4-gke.500

Kubernetes OSS release notes

• Security Fixes
  • Fixed CVE-2024-10976
  • Fixed CVE-2024-10977
  • Fixed CVE-2024-10978
  • Fixed CVE-2024-10979
  • Fixed CVE-2024-53259
  • Fixed CVE-2024-53057
  • Fixed CVE-2024-46800
  • Fixed CVE-2024-45016
  • Fixed CVE-2024-50264

1.31.1-gke.1800

Kubernetes OSS release notes

• Feature: Added support for sysctl node system configuration already supported by GKE under nodepool.config.linux_node_config.sysctls. This feature is only available via direct API call, and is not supported in any clients. The following are the supported configuration options for the sysctl utility:
  • net.core.busy_poll
  • net.core.busy_read
  • net.core.netdev_max_backlog
  • net.core.rmem_max
  • net.core.wmem_default
  • net.core.wmem_max
  • net.core.optmem_max
  • net.core.somaxconn
  • net.ipv4.tcp_rmem
  • net.ipv4.tcp_wmem
  • net.ipv4.tcp_tw_reuse
  • net.ipv6.conf.all.disable_ipv6
  • net.ipv6.conf.default.disable_ipv6
  • vm.max_map_count
• Feature: The gcloud beta container fleet memberships get-credentials command uses a preview feature of the Connect gateway that lets you run the kubectl port-forward command. For more information, see Limitations in the Connect gateway documentation.
• Security Fixes
  • Fixed CVE-2019-18276
  • Fixed CVE-2021-25743
  • Fixed CVE-2022-41723
  • Fixed CVE-2023-2431
  • Fixed CVE-2023-2727
  • Fixed CVE-2023-2728
  • Fixed CVE-2023-28452
  • Fixed CVE-2023-29406
  • Fixed CVE-2023-29409
  • Fixed CVE-2023-30464
  • Fixed CVE-2023-3446
  • Fixed CVE-2023-3676
  • Fixed CVE-2023-3817
  • Fixed CVE-2023-3955
  • Fixed CVE-2023-40577
  • Fixed CVE-2023-45142
  • Fixed CVE-2023-4911
  • Fixed CVE-2023-5678
  • Fixed CVE-2023-6992
  • Fixed CVE-2024-0727
  • Fixed CVE-2024-0793
  • Fixed CVE-2024-0874
  • Fixed CVE-2024-24557
  • Fixed CVE-2024-2511
  • Fixed CVE-2024-29018
  • Fixed CVE-2024-2961
  • Fixed CVE-2024-41110
  • Fixed CVE-2024-4741
  • Fixed CVE-2024-6104
  • Fixed CVE-2024-9143
  • Fixed GHSA-87m9-rv8p-rgmg
  • Fixed GHSA-jq35-85cj-fj4p
  • Fixed GHSA-mh55-gqvf-xfwm
  • Fixed CVE-2024-45016
  • Fixed CVE-2024-24790

Kubernetes 1.30

1.30.11-gke.800

Kubernetes OSS release notes

• Security Fixes
  • Fixed CVE-2024-53164
  • Fixed CVE-2024-56770
  • Fixed CVE-2025-21700
  • Fixed CVE-2025-21701
  • Fixed CVE-2025-21702
  • Fixed CVE-2025-21756
  • Fixed CVE-2025-31115
  • Fixed CVE-2025-4207

1.30.10-gke.200

Kubernetes OSS release notes

• Security Fixes

  • Fixed CVE-2016-1585
  • Fixed CVE-2024-11053
  • Fixed CVE-2024-3596
  • Fixed CVE-2024-37370
  • Fixed CVE-2024-37371
  • Fixed CVE-2024-6119
  • Fixed CVE-2024-8096
  • Fixed CVE-2024-9681
  • Fixed CVE-2025-1094

1.30.8-gke.100

Kubernetes OSS release notes

• Security Fixes
  • Fixed CVE-2024-10976
  • Fixed CVE-2024-10977
  • Fixed CVE-2024-10978
  • Fixed CVE-2024-10979
  • Fixed CVE-2024-53057
  • Fixed CVE-2024-46800
  • Fixed CVE-2024-45016
  • Fixed CVE-2024-50264

1.30.5-gke.1000

Kubernetes OSS release notes

• Security Fixes:
  • Fixed CVE-2024-24790

1.30.5-gke.200

Kubernetes OSS release notes

• Security Fixes:
  • Fixed CVE-2024-9143
  • Fixed GHSA-87m9-rv8p-rgmg
  • Fixed GHSA-mh55-gqvf-xfwm

1.30.4-gke.400

Kubernetes OSS release notes

• Bug Fix: Fixed an issue of a frequent error message "object has been modified" by updating the csi-snapshotter to version 6.3.3.
• Security Fixes:
  • Fixed CVE-2023-50387
  • Fixed CVE-2023-50868
  • Fixed CVE-2024-0553
  • Fixed CVE-2024-0567
  • Fixed CVE-2024-4603
  • Fixed CVE-2024-7348

1.30.3-gke.100

Kubernetes OSS release notes

• Feature: Added kubeletConfig node system configuration. With this feature, you can specify custom configurations on your node pools, including CPU manager policy, CPU throttling, and process IDs (PIDs).

• Feature: The gcloud beta container fleet memberships get-credentials command uses a preview feature of the Connect gateway that lets you run the kubectl attach, cp, and exec commands. For more information, see Limitations in the Connect gateway documentation.

• Security Fixes:

  • Fixed CVE-2024-21626
  • Fixed CVE-2024-7264
  • Fixed CVE-2024-26642
  • Fixed CVE-2024-26923