Each GKE on AWS release comes with Kubernetes version notes. These are similar to release notes but are specific to a Kubernetes version and might offer more technical detail.
GKE on AWS supports the Kubernetes versions listed in the following sections. If a version isn't included in this file, it's unsupported.
Kubernetes 1.32
1.32.4-gke.200
- Security Fixes
- Fixed CVE-2016-1585
- Fixed CVE-2024-11053
- Fixed CVE-2024-35255
- Fixed CVE-2024-3596
- Fixed CVE-2024-37370
- Fixed CVE-2024-37371
- Fixed CVE-2024-45310
- Fixed CVE-2024-53164
- Fixed CVE-2024-53164
- Fixed CVE-2024-56770
- Fixed CVE-2024-6119
- Fixed CVE-2024-8096
- Fixed CVE-2024-9681
- Fixed CVE-2025-1094
- Fixed CVE-2025-1094
- Fixed CVE-2025-1352
- Fixed CVE-2025-1372
- Fixed CVE-2025-1376
- Fixed CVE-2025-1377
- Fixed CVE-2025-21700
- Fixed CVE-2025-21701
- Fixed CVE-2025-21702
- Fixed CVE-2025-21703
- Fixed CVE-2025-21756
- Fixed CVE-2025-31115
- Fixed CVE-2025-4207
Kubernetes 1.31
1.31.7-gke.1000
- Security Fixes
- Fixed CVE-2024-53164
- Fixed CVE-2024-56770
- Fixed CVE-2025-21700
- Fixed CVE-2025-21701
- Fixed CVE-2025-21702
- Fixed CVE-2025-21756
- Fixed CVE-2025-31115
- Fixed CVE-2025-4207
1.31.6-gke.200
Security Fixes
- Fixed CVE-2016-1585
- Fixed CVE-2024-11053
- Fixed CVE-2024-3596
- Fixed CVE-2024-37370
- Fixed CVE-2024-37371
- Fixed CVE-2024-6119
- Fixed CVE-2024-8096
- Fixed CVE-2024-9681
- Fixed CVE-2025-1094
1.31.4-gke.500
- Security Fixes
- Fixed CVE-2024-10976
- Fixed CVE-2024-10977
- Fixed CVE-2024-10978
- Fixed CVE-2024-10979
- Fixed CVE-2024-53259
- Fixed CVE-2024-53057
- Fixed CVE-2024-46800
- Fixed CVE-2024-45016
- Fixed CVE-2024-50264
1.31.1-gke.1800
- Feature: Added support for
sysctl
node system configuration already supported by GKE undernodepool.config.linux_node_config.sysctls
. This feature is only available via direct API call, and is not supported in any clients. The following are the supported configuration options for thesysctl
utility:net.core.busy_poll
net.core.busy_read
net.core.netdev_max_backlog
net.core.rmem_max
net.core.wmem_default
net.core.wmem_max
net.core.optmem_max
net.core.somaxconn
net.ipv4.tcp_rmem
net.ipv4.tcp_wmem
net.ipv4.tcp_tw_reuse
net.ipv6.conf.all.disable_ipv6
net.ipv6.conf.default.disable_ipv6
vm.max_map_count
- Feature: The
gcloud beta container fleet memberships get-credentials
command uses a preview feature of the Connect gateway that lets you run thekubectl port-forward
command. For more information, see Limitations in the Connect gateway documentation. - Security Fixes
- Fixed CVE-2019-18276
- Fixed CVE-2021-25743
- Fixed CVE-2022-41723
- Fixed CVE-2023-2431
- Fixed CVE-2023-2727
- Fixed CVE-2023-2728
- Fixed CVE-2023-28452
- Fixed CVE-2023-29406
- Fixed CVE-2023-29409
- Fixed CVE-2023-30464
- Fixed CVE-2023-3446
- Fixed CVE-2023-3676
- Fixed CVE-2023-3817
- Fixed CVE-2023-3955
- Fixed CVE-2023-40577
- Fixed CVE-2023-45142
- Fixed CVE-2023-4911
- Fixed CVE-2023-5678
- Fixed CVE-2023-6992
- Fixed CVE-2024-0727
- Fixed CVE-2024-0793
- Fixed CVE-2024-0874
- Fixed CVE-2024-24557
- Fixed CVE-2024-2511
- Fixed CVE-2024-29018
- Fixed CVE-2024-2961
- Fixed CVE-2024-41110
- Fixed CVE-2024-4741
- Fixed CVE-2024-6104
- Fixed CVE-2024-9143
- Fixed GHSA-87m9-rv8p-rgmg
- Fixed GHSA-jq35-85cj-fj4p
- Fixed GHSA-mh55-gqvf-xfwm
- Fixed CVE-2024-45016
- Fixed CVE-2024-24790
Kubernetes 1.30
1.30.11-gke.800
- Security Fixes
- Fixed CVE-2024-53164
- Fixed CVE-2024-56770
- Fixed CVE-2025-21700
- Fixed CVE-2025-21701
- Fixed CVE-2025-21702
- Fixed CVE-2025-21756
- Fixed CVE-2025-31115
- Fixed CVE-2025-4207
1.30.10-gke.200
Security Fixes
- Fixed CVE-2016-1585
- Fixed CVE-2024-11053
- Fixed CVE-2024-3596
- Fixed CVE-2024-37370
- Fixed CVE-2024-37371
- Fixed CVE-2024-6119
- Fixed CVE-2024-8096
- Fixed CVE-2024-9681
- Fixed CVE-2025-1094
1.30.8-gke.100
- Security Fixes
- Fixed CVE-2024-10976
- Fixed CVE-2024-10977
- Fixed CVE-2024-10978
- Fixed CVE-2024-10979
- Fixed CVE-2024-53057
- Fixed CVE-2024-46800
- Fixed CVE-2024-45016
- Fixed CVE-2024-50264
1.30.5-gke.1000
- Security Fixes:
- Fixed CVE-2024-24790
1.30.5-gke.200
- Security Fixes:
- Fixed CVE-2024-9143
- Fixed GHSA-87m9-rv8p-rgmg
- Fixed GHSA-mh55-gqvf-xfwm
1.30.4-gke.400
- Bug Fix: Fixed an issue of a frequent error message "object has been modified" by updating the
csi-snapshotter
to version 6.3.3. - Security Fixes:
- Fixed CVE-2023-50387
- Fixed CVE-2023-50868
- Fixed CVE-2024-0553
- Fixed CVE-2024-0567
- Fixed CVE-2024-4603
- Fixed CVE-2024-7348
1.30.3-gke.100
Feature: Added
kubeletConfig
node system configuration. With this feature, you can specify custom configurations on your node pools, including CPU manager policy, CPU throttling, and process IDs (PIDs).Feature: The
gcloud beta container fleet memberships get-credentials
command uses a preview feature of the Connect gateway that lets you run thekubectl
attach
,cp
, andexec
commands. For more information, see Limitations in the Connect gateway documentation.Security Fixes:
- Fixed CVE-2024-21626
- Fixed CVE-2024-7264
- Fixed CVE-2024-26642
- Fixed CVE-2024-26923