You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in the Google Cloud console, or programmatically access release notes in BigQuery.
To get the latest product updates delivered to you, add the URL of this page to your feed reader, or add the feed URL directly.
November 17, 2025
cos-125-19216-104-25
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.55 | v27.5.1 | v2.1.4 | See List |
Backported various TCPDirect networking fixes.
Runtime sysctl changes:
- Changed: fs.file-max: 811458 -> 811512
November 14, 2025
cos-125-19216-104-23
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.55 | v27.5.1 | v2.1.4 | See List |
Updated app-containers/runc to v1.3.3.
Fixed a bug where setting MTU above 9000 on ARM systems with a 64k page size would cause IDPF networking to fail.
Runtime sysctl changes:
- Changed: fs.file-max: 811489 -> 811458
November 11, 2025
cos-125-19216-104-17
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.55 | v27.5.1 | v2.1.4 | See List |
Enabled multiport support for CX-8 devices.
Fixed CVE-2025-40083 in the Linux kernel.
Added support for the Lustre 2.14.0_p224 drivers.
Runtime sysctl changes:
- Changed: fs.file-max: 811455 -> 811489
- Changed: net.ipv4.udp_mem: 188034 250714 376068 -> 188034 250715 376068
Upgraded sys-apps/makedumpfile to v1.7.8.
Enabled HTCP TCP congestion control algorithm as a module.
Fixed a race condition where unmounting file systems monitored by inotify or fanotify could result in kernel crash.
Updated app-containers/containerd to v2.1.4.
Fixed CVE-2025-21833 in the Linux kernel.
Added support for SCSI logging.
Made CX-8 NIC naming order deterministic.
November 07, 2025
cos-125-19216-104-5
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.55 | v27.5.1 | v2.1.3 | See List |
Fixed bcache latency spikes.
Fixed CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 in app-containers/runc.
Runtime sysctl changes:
- Changed: fs.file-max: 811499 -> 811455
November 03, 2025
cos-125-19216-104-3
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.55 | v27.5.1 | v2.1.3 | See List |
Fixed CVE-2025-40009 in the Linux kernel.
Fixed a TCPX bug which would sometimes incorrectly report devices as being missing when route cache entries were missing or invalidated.
Fixed a bug in cos-extensions which would cause GB200 and GB300 devices not to be detected in one code path, which would result in Imex channels not being created by default.
Fixed CVE-2025-40006 in the Linux kernel.
This is an LTS refresh release.
Runtime sysctl changes:
- Changed: fs.file-max: 811500 -> 811499
- Changed: net.ipv4.udp_mem: 188034 250715 376068 -> 188034 250714 376068
Upgraded dev-lang/go to v1.23.12.
October 27, 2025
cos-125-19216-0-115
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Upgraded sys-apps/pv to v1.9.44.
Fixed CVE-2025-11413, CVE-2025-11414 in binutils-libs.
Updated cos-gpu-installer to v2.5.9. This adds support for installing drivers for GB 300 devices.
Added support for NVIDIA driver v535.274.02 and v570.195.03.
Added GB300 support to cos-extensions.
October 24, 2025
cos-125-19216-0-110
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Added support for A4X-Max NICs.
Upgraded sys-apps/hwdata to v0.400.
Upgraded sys-apps/less to v685.
Reduced gcr_wait_online retry gap.
Added support for NVIDIA GB300 devices.
Fixed CVE-2025-11412 in binutils-libs.
Updated cos-gpu-installer to v2.5.8.
Upgraded sys-apps/pv to v1.9.42.
Fixed CVE-2025-11494 in binutils-libs.
Updated app-containers/runc to v1.2.7.
Runtime sysctl changes:
- Changed: net.ipv4.udp_mem: 188034 250714 376068 -> 188034 250715 376068
Fixed CVE-2025-11495 in binutils-libs.
October 20, 2025
cos-125-19216-0-100
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Fixed CVE-2025-39992 in the Linux kernel.
Fixed CVE-2025-39977 in the Linux kernel.
Fixed CVE-2025-39980 in the Linux kernel.
Runtime sysctl changes:
- Changed: fs.file-max: 811534 -> 811421
- Changed: net.ipv4.udp_mem: 188034 250715 376068 -> 188034 250714 376068
Fixed CVE-2025-39973 in the Linux kernel.
Fixed CVE-2025-39990 in the Linux kernel.
Fixed CVE-2025-38322 in the Linux kernel.
Fixed CVE-2025-39940 in the Linux kernel.
Fixed CVE-2025-39969 in the Linux kernel.
Fixed CVE-2025-39972 in the Linux kernel.
Fixed CVE-2025-39971 in the Linux kernel.
Fixed CVE-2025-39975 in the Linux kernel.
Fixed CVE-2025-39998 in the Linux kernel.
Fixed CVE-2025-39984 in the Linux kernel.
October 17, 2025
cos-125-19216-0-94
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Fixed CVE-2025-39961 in the Linux kernel.
Fixed CVE-2025-41244 in app-emulation/open-vm-tools.
Runtime sysctl changes:
- Changed: fs.file-max: 811514 -> 811534
- Changed: net.ipv4.udp_mem: 188034 250714 376068 -> 188034 250715 376068
Fixed CVE-2025-39965 in the Linux kernel.
Fixed CVE-2025-39963 in the Linux kernel.
Updated the dump capture kernel to v6.12.52.
Fixed KCTF-6bb73db in the Linux Kernel.
Updated golang.org/x/crypto, golang.org/x/net, and golang.org/x/oauth2 in kubelet and kubectl.
Added task information collection to sosreports.
October 13, 2025
cos-125-19216-0-87
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Partially fixed an issue where excessive contention among writeback kworkers when switching a large number of inodes between cgroups could lead to system unresponsiveness.
Fixed CVE-2025-39931 in the Linux kernel.
Fixed CVE-2025-11081, CVE-2025-11082 and CVE-2025-11083 in sys-libs/binutils-libs.
Upgraded app-admin/node-problem-detector to v0.8.22.
Runtime sysctl changes:
- Changed: fs.file-max: 811500 -> 811514
Fixed CVE-2025-39953 in the Linux kernel.
Fixed CVE-2025-39947 in the Linux kernel.
Added support for NVIDIA driver v580.95.05. Updated all latest driver version and default driver versions for NVIDIA_GB200 and NVIDIA_B200 to v580.95.05.
Upgraded sys-apps/hwdata to v0.399.
October 09, 2025
cos-125-19216-0-80
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Updated toolbox container image tag to v20251002.
Runtime sysctl changes:
- Changed: fs.file-max: 811450 -> 811500
- Changed: net.ipv4.udp_mem: 188034 250715 376068 -> 188034 250714 376068
Promoted Milestone 125 to stable.
Fixed KCTF-134121b in the Linux kernel.
October 06, 2025
cos-beta-125-19216-0-76
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Updated dev-python/urllib3 to v1.26.18 and fixed CVE-2025-50181.
Fixed CVE-2025-39926 in the Linux kernel.
Updated dev-python/jinja to v3.1.6. This resolves CVE-2024-56326, CVE-2024-56201 and CVE-2025-27516.
Fixed CVE-2025-39911 in the Linux kernel.
Fixed CVE-2025-39886 in the Linux kernel.
Configured the cos-gpu-installer to use R580 drivers as the default GPU drivers.
Runtime sysctl changes:
- Changed: fs.file-max: 811504 -> 811450
Fixed CVE-2025-39914 in the Linux kernel.
Fixed CVE-2025-22106 in the Linux kernel.
Fixed CVE-2025-39913 in the Linux kernel.
Fixed CVE-2025-39917 in the Linux kernel.
Add support for NVIDIA MFT Tools v4.33.0.
Fixed KCTF-1b34cbb in the Linux kernel.
September 29, 2025
cos-beta-125-19216-0-62
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Fixed CVE-2025-39882 in the Linux kernel.
Fixed CVE-2025-39884 in the Linux kernel.
Fixed KCTF-0aeb54a in the Linux Kernel.
Updated app-admin/node-problem-detector to v0.8.21.
Updated golang.org/x/oauth2, golang.org/x/net, golang.org/x/crypto, and github.com/golang-jwt/jwt/v5 in Docker.
Fixed CVE-2025-39881 in the Linux kernel.
Fixed CVE-2025-39883 in the Linux kernel.
Fixed CVE-2025-40300 in the Linux kernel.
September 24, 2025
cos-beta-125-19216-0-53
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.46 | v27.5.1 | v2.1.3 | See List |
Runtime sysctl changes:
- Changed: fs.file-max: 811500 -> 811534
Upgraded dev-libs/libxml2 to version 2.13.9. This fixes CVE-2025-9714.
Updated the Linux kernel to v6.12.46.
Upgraded dev-libs/libxslt to version 1.1.43-r1.
Updated cos-gpu-installer to v2.5.7.
Added support for the fwctl subsystem and the Mellanox fwctl driver for ARM64.
Enabled Coherent Driver Memory Management by default when installing GPU drivers on GB2000.
Added support for NVIDIA driver v580.82.07. Updated all latest driver version and default driver versions for NVIDIA_GB200 and NVIDIA_B200 to v580.82.07.
September 16, 2025
Fixed a kernel bug which caused boot to fail for n4 machine types.
cos-beta-125-19216-0-47
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.41 | v27.5.1 | v2.1.3 | See List |
Fixed CVE-2025-38571 in the Linux kernel.
Fixed CVE-2025-38639 in the Linux kernel.
Fixed CVE-2025-38588 in the Linux kernel.
Fixed CVE-2025-38614 in the Linux kernel.
Fixed CVE-2025-38645 in the Linux kernel.
Fixed CVE-2025-38565 in the Linux kernel.
Fixed CVE-2025-38587 in the Linux kernel.
Fixed CVE-2025-38608 in the Linux kernel.
Fixed CVE-2025-38572 in the Linux kernel.
Added support for NVIDIA MFT Tools on arm64.
Fixed CVE-2025-38568 in the Linux kernel.
Fixed CVE-2025-38622 in the Linux kernel.
Runtime sysctl changes:
- Changed: fs.file-max: 811507 -> 811500
Added GDRCopy kernel module for NVIDIA drivers.
Fixed CVE-2025-38640 in the Linux kernel.
September 08, 2025
cos-beta-125-19216-0-38
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.41 | v27.5.1 | v2.1.3 | See List |
Runtime sysctl changes:
- Changed: fs.file-max: 811504 -> 811507
Disabled network management by the google-guest-agent.
Fixed CVE-2025-38676 in the Linux kernel.
Added NVIDIA GPU driver's R580 branch. Updated the LATEST GPU driver label to version 580.65.06.
September 02, 2025
cos-beta-125-19216-0-33
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.41 | v27.5.1 | v2.1.3 | See List |
Fixed KCTF-62708b9 in the Linux kernel.
Fixed KCTF-aba0c94 in the Linux kernel.
Fixed CVE-2025-6052 in dev-libs/glib.
Added support for the Lustre 2.14.0_p216 drivers.
Enabled dynamic vlan configuration for non-primary NICs.
Runtime sysctl changes:
- Changed: fs.file-max: 811541 -> 811504
Upgraded sys-apps/hwdata to v0.398.
Added iRDMA support in the Linux kernel.
Fixed KCTF-6db015f in the Linux kernel.
Upgraded sys-apps/file to v5.46-r3.
August 25, 2025
cos-beta-125-19216-0-24
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.41 | v27.5.1 | v2.1.3 | See List |
Added TDX RTMR support.
Added ConnectX-8 RDMA support.
Runtime sysctl changes:
- Changed: fs.file-max: 811484 -> 811541
Fixed KCTF-abad3d0 in the Linux kernel.
Added kernel support for bare-metal on the NVIDIA Grace platform.
Removed the cloud-final.service dependency on multi-user.target which could delay cloud-init user-data scripts indefinitely when long-running startup scripts are used.
Installed app-misc/c_rehash.
Added IPv6 support for machines using the IDPF driver.
Fixed an issue where cpusets cgroups did not work with cgroup v1 enabled.
Enabled the google-guest-agent's network management functionality.
Disabled DNSSEC by default for COS TPU VMs.
August 18, 2025
cos-beta-125-19216-0-12
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.41 | v27.5.1 | v2.1.3 | See List |
Injected IMEX channel char device for GB200 GPUs.
Fix CVE-2025-32414, CVE-2025-32415 in dev-libs/libxml2.
Upgraded dev-lang/go to v1.23.11.
Upgraded dev-libs/expat to v2.7.1.
Patched openssl to fix CVE-2023-50782 affecting dev-python/crytography.
Fixed CVE-2024-48615 in app-arch/libarchive.
Upgraded app-containers/docker to v27.5.1, Upgraded app-containers/docker-test to v27.5.1, Upgraded app-containers/docker-cli to v27.5.1.
Removed an artifact registry ping that would delay multi-user.target indefinitely for machines with no external IP address.
Fixed an issue in containerd that potentially breaks metric collection.
Upgraded dev-db/sqlite to v3.50.3.
Updated systemd to v254.26. This resolves CVE-2025-4598.
Updated cos-gpu-installer to v2.5.5.
Applied Intel patches to add iRDMA support in the Linux kernel.
Upgraded app-admin/sudo to v1.9.17_p2.
Fixed CVE-2025-31498 in net-dns/c-ares.
Upgraded chromeos-base/update_engine-client to v0.0.1-r2480.
Updated containerd to v2.1.3.
Updated the default tag of the GPU driver supporting the NVIDIA H200 GPU device to 570.86.15.
Updated apparmor to v3.1.6. This fixes CVE-2016-1585.
Upgraded sys-apps/hwdata to v0.391.
Upgraded dev-libs/nss to v3.110.
Added support for Nvidia driver version 570.172.08. This fixes CVE-2025-23279.
Upgraded chromeos-base/power_manager-client to v0.0.1-r2969.
Backported support for AMD SEV-SNP SVSM vTPM driver and configfs-tsm addition for extended attestation protocol.
Updated dev-python/python-dateutil to v2.9.0.
Upgraded sysram to version 6.12-0.
Runtime sysctl changes:
- Added: kernel.apparmor_restrict_unprivileged_unconfined: 0
- Added: kernel.core_file_note_size_limit: 4194304
- Added: kernel.core_sort_vma: 0
- Added: net.ipv4.fib_multipath_hash_seed: 0
- Added: net.ipv4.tcp_pingpong_thresh: 1
- Added: net.ipv6.conf.all.ra_honor_pio_life: 0
- Added: net.ipv6.conf.all.ra_honor_pio_pflag: 0
- Added: net.ipv6.conf.all.regen_min_advance: 2
- Added: net.ipv6.conf.default.ra_honor_pio_life: 0
- Added: net.ipv6.conf.default.ra_honor_pio_pflag: 0
- Added: net.ipv6.conf.default.regen_min_advance: 2
- Added: net.ipv6.conf.docker0.ra_honor_pio_life: 0
- Added: net.ipv6.conf.docker0.ra_honor_pio_pflag: 0
- Added: net.ipv6.conf.docker0.regen_min_advance: 2
- Added: net.ipv6.conf.eth0.ra_honor_pio_life: 0
- Added: net.ipv6.conf.eth0.ra_honor_pio_pflag: 0
- Added: net.ipv6.conf.eth0.regen_min_advance: 2
- Added: net.ipv6.conf.lo.ra_honor_pio_life: 0
- Added: net.ipv6.conf.lo.ra_honor_pio_pflag: 0
- Added: net.ipv6.conf.lo.regen_min_advance: 2
- Added: vm.enable_soft_offline: 1
- Changed: fs.epoll.max_user_watches: 1809007 -> 1808517
- Changed: fs.fanotify.max_user_marks: 67544 -> 68412
- Changed: fs.file-max: 811774 -> 811484
- Changed: fs.inotify.max_user_watches: 63425 -> 64189
- Changed: kernel.threads-max: 63487 -> 63178
- Changed: net.ipv4.tcp_mem: 94041 125391 188082 -> 94017 125357 188034
- Changed: net.ipv4.udp_mem: 188085 250783 376170 -> 188034 250715 376068
- Changed: user.max_cgroup_namespaces: 31743 -> 31589
- Changed: user.max_fanotify_marks: 67544 -> 68412
- Changed: user.max_inotify_watches: 63425 -> 64189
- Changed: user.max_ipc_namespaces: 31743 -> 31589
- Changed: user.max_mnt_namespaces: 31743 -> 31589
- Changed: user.max_net_namespaces: 31743 -> 31589
- Changed: user.max_pid_namespaces: 31743 -> 31589
- Changed: user.max_time_namespaces: 31743 -> 31589
- Changed: user.max_user_namespaces: 31743 -> 31589
- Changed: user.max_uts_namespaces: 31743 -> 31589
- Changed: vm.lowmem_reserve_ratio: 256 256 32 0 0 -> 256 256 32 0
- Deleted: kernel.sched_child_runs_first: 0
Fixed CVE-2025-0395 in sys-libs/glibc.
Enabled the Btrfs kernel module.
Upgraded chromeos-base/google-breakpad to v2025.07.23.214511-r244.
Upgraded chromeos-base/session_manager-client to v0.0.1-r2830.
Fixed docker MTU mismatch.
Fixed CVE-20250-3198 in sys-libs/bintuils-libs.
Upgraded virtual/logger to v0-r2.
Upgraded elfutils to v0.193. This fixes CVE-2025-1365, CVE-2025-1371, CVE-2025-1372, and CVE-2025-1377.
Upgraded nvidia-container-toolkit to v1.17.8. This fixes CVE-2025-23266.
Added support for 7th generation TPU devices.
Upgraded net-misc/openssh to 10.0_p1.
iptables-restore.service to start after ipset.service.
Upgraded net-misc/socat to v1.8.0.3.
Reverted a containerd change which reduced the default soft file descriptor limit for processes in containers to 1024.
Added support for the Lustre 2.14.0_p212 drivers.
Fixed CVE-2025-47273 in dev-python/setuptools.
Fixed CVE-2024-23337 in app-misc/jq.
Updated app-editors/nano to v8.5. This resolves CVE-2024-5742.
Updated dev-go/oauth2 to v0.27.0. Fixes CVE-2025-22868.
Modified toolbox to use unified cgroup hierarchy mode instead of hybrid mode when possible.
Upgraded app-benchmarks/microbenchmarks to v0.0.1-r20.
Upgraded app-containers/docker-credential-helpers to v0.9.3.
Upgraded sys-apps/pv to v1.9.34.
Upgraded sys-process/procps to v4.0.5-r2.
Added support for Nvidia driver version 535.261.03. This fixes CVE-2025-23286 and CVE-2025-23279.
Upgraded net-misc/rsync to v3.4.1.
Upgraded sys-apps/ethtool to version 6.11.
Fixed CVE-2025-32728 in net-misc/openssh.
Fixed CVE-2024-6174 and CVE-2024-11584 in cloud-init.
Upgraded net-nds/rpcbind to v1.2.7.
Fixed CVE-2025-46836 in sys-apps/net-tools
Updated cos-gpu-installer to v2.4.8: Add the -skip-nvidia-smi flag to disable the execution of nvidia-smi verification during gpu driver installation.
Upgraded net-misc/wget to v1.25.0. This fixes CVE-2024-10524.
Upgraded chromeos-base/shill-client to v0.0.1-r4879.
Updated the NVIDIA GPU driver policy for New Feature Branch (NFB) drivers. The LATEST tag has been updated to point to the stable 570.133.20 Production Branch. The 575.57.08 NFB driver remains available for development and testing but must now be selected by its specific version number.Removed 575.57.08 NFB driver support for NVIDIA_GB200 machine.
Added NVIDIA 570.133.20 vGPU driver.
Upgrade dpdk-kmods to 9b182be2ee4b.
Upgraded sys-apps/dbus to v1.16.2-r197.
Upgraded app-admin/fluent-bit to v3.2.5.
Upgraded sys-apps/diffutils to v3.11-r2.
Upgraded dev-vcs/git to version 2.49.1. This fixes CVE-2025-48385, CVE-2025-27613, CVE-2025-27614, CVE-2025-48384, CVE-2025-46835.
Upgraded sys-auth/pambase to v20250228.
Updated dev-go/net in policy manager to v0.39.0. This fixes CVE-2025-22870.
Upgraded app-admin/google-guest-configs to v20250718.00.
Upgraded app-admin/google-guest-agent to v20250418.00.
Upgraded sys-apps/grep to v3.12.
Upgraded app-arch/unzip to v6.0_p29.
Upgraded dev-libs/double-conversion to v3.3.1.
Fixed an issue that resulted in missing grub boot measurements in some machine configurations.
Fixed EINTR error in app-container/cni-plugins.
Fixed CVE-2024-9287 in dev-lang/python.
Updated dev-python/botocore to v1.37.9.
Patched a null ptr exception bug in NVIDIA 570.124.06 OSS driver.
Fixed an issue in containerd that prevented some v2 shims from shutting down properly.
Upgraded dev-go/crypto to v0.35.0. This fixes CVE-2025-22869.
Upgraded sys-apps/less to v679.
Upgraded chromeos-base/debugd-client to v0.0.1-r2734.
Upgraded sys-apps/makedumpfile to v1.7.7.
Upgraded net-misc/curl to v8.12.1. This fixes CVE-2025-0167.
Added ARM support for the Lustre v2.14.0 drivers.
Upgrade libarchive to v3.8.1. This fixes CVE-2025-5914.
Upgraded vim, vim-core to version 9.1.1500. This fixes CVE-2025-26603, CVE-2025-27423, CVE-2025-29768, CVE-2025-1215, CVE-2025-24014, CVE-2025-22134.
Upgraded sys-process/lsof to v4.99.5.
Fixed CVE-2024-13176 in dev-libs/openssl.
Updated dev-python/requests to v2.32.4.
Increased kdump memory reservation.
Upgraded dev-libs/openssl to 3.5.1.
Updated dev-python/s3transfer to v0.11.4.
Upgraded chromeos-base/minijail to v18-r168.
Fixed CVE-2024-26130 in dev-python/cryptography.
Upgraded app-containers/runc to v1.2.5, Upgraded app-containers/runc-test to v1.2.5.
Upgraded sys-apps/rootdev to v0.0.1-r51.
Fixed issue where modinfo could not display module signatures.
Upgraded sys-libs/libseccomp to v2.6.0-r2.
Upgraded the Linux kernel to version 6.12.
Upgraded net-misc/netplan to v1.1.2. This fixes CVE-2022-4968.
Upgraded sys-libs/binutils-libs to version 2.45. This fixes CVE-2025-8224,CVE-2025-8225 and CVE-2025-1153.
Updated Python to v3.11.
Updated app-misc/jq to v1.8.1.
Upgraded chromeos-base/chromeos-common-script to v0.0.1-r667.
Added support for NVIDIA GB200 GPU with 570.124.06 GPU driver. This driver version has been assigned the latest, default, and R570 tags for this GPU type.
Upgraded app-admin/node-problem-detector to v0.8.20.
Upgraded dev-libs/libxml2 to v1.12.10. Fixes CVE-2025-27113.
Fixed CVE-2025-0840 in binutils.
Fixed CVE-2025-8058 in glibc.
Upgrade cloud-init to v24.4.1.
Upgraded sys-libs/libcap to v2.76.
Disabled martian logging for ConnectX-7 network cards. These cards only communicate locally, but martian logging during communications with the host can lead to a race condition which causes GID table construction to sometimes fail.
Upgraded sys-apps/which to v2.23.
Upgraded sys-apps/acl to v2.3.2-r2.
Upgraded net-dns/libidn2 to v2.3.8.
Upgraded dev-libs/glib to 2.82.5. This resolves CVE-2024-52533.
Supported NVIDIA MFT Tools on COS.
Added support for Nvidia driver version 575.57.08. Added support for NVIDIA_RTX_PRO_6000 devices.
Update NVIDIA GPU drivers to v535.247.01 for default/ R535 and v570.133.20 for latest/R570. This resolves CVE-2025-23244.
Add support for iRDMA devices.
Upgraded app-arch/gzip to v1.14.
Fixed CVE-2024-53427 in app-misc/jq.