You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in the Google Cloud console, or programmatically access release notes in BigQuery.
To get the latest product updates delivered to you, add the URL of this page to your feed reader, or add the feed URL directly.
February 20, 2026
cos-beta-129-19506-0-17
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.12.67 | v27.5.1 | v2.2.0 | See List |
Added kernel support for bare-metal on the NVIDIA Grace platform.
Added support for A4X-Max NICs.
Applied ethtool ring length changes to a4x's first Diorite interface.
Enabled Coherent Driver Memory Management by default when installing GPU drivers on GB2000.
Changed the mount options for /mnt/disks to noexec.
Updated CONFIG_BLK_DEV_LOOP_MIN_COUNT to 0. This allows unlimited loop devices.
Updated app-containers/containerd to v2.2.0.
Updated app-containers/runc to v1.4.0.
Updated dev-libs/openssl to v3.5.4.
Updated the Linux kernel to v6.12.67.
Upgraded dev-libs/json-c from 0.16-r1 to 0.18.0.
Upgraded dev-libs/libuv from 1.43.0 to 1.51.0-r1.
Upgraded dev-util/cmake from 3.26.4 to 3.31.9.
Added CPU balloon support for ARM CPUs.
Added ConnectX-8 RDMA support.
Added GB300 support to cos-extensions.
Added GDRCopy kernel module for NVIDIA drivers.
Added IPv6 support for machines using the IDPF driver.
Added TDX RTMR support.
Added guest support for paravirtualization of cpuids on ARM machines.
Added iRDMA support in the Linux kernel.
Added patches to handle IDPF tx timeouts.
Added support for CASFS (Content Addressable Storage File System) as a kernel module.
Added support for NVIDIA GB300 devices.
Added support for NVIDIA MFT Tools on arm64.
Added support for NVIDIA driver v535.288.01, v570.211.01 and v580.126.09.
Added support for NVIDIA driver v580.105.08 and set it as the default version for all GPU types.
Added support for SCSI logging.
Added support for the Lustre 2.14.0_p224 drivers.
Added support for the fwctl subsystem and the Mellanox fwctl driver for ARM64.
Added support for zswap in the Linux kernel.
Backported support for AMD SEV-SNP SVSM vTPM driver and configfs-tsm addition for extended attestation protocol.
Configured the cos-gpu-installer to use R580 drivers as the default GPU drivers.
Disabled DNSSEC by default for COS TPU VMs.
Enabled HTCP TCP congestion control algorithm as a module.
Enabled KVM for COS ARM64.
Enabled Software Watchdog as a module.
Enabled automatic loading of RDMA kernel modules when CX-8 devices are detected.
Enabled dynamic vlan configuration for non-primary NICs.
Enabled hardware optimized SHA256 algorithms for x86 machines with SSSE3 and AVX/AVX2 instructions and ARM64 machines with SHA-NI and ARMv8 Crypto Extensions.
Enabled the Btrfs kernel module.
Enabled the google-guest-agent's network management functionality.
Fixed a bug in cos-extensions which would cause GB200 and GB300 devices not to be detected in one code path, which would result in Imex channels not being created by default.
Removed the cloud-final.service dependency on multi-user.target which could delay cloud-init user-data scripts indefinitely when long-running startup scripts are used.
Removed the futility program from the root file system.
Add support for NVIDIA MFT Tools v4.33.0.
Added binary auth-provider-gcp.
Added support for NVIDIA driver v535.274.02 and v570.195.03.
Added support for the Lustre 2.14.0_p216 drivers.
Backported various TCPDirect networking fixes.
Enabled multiport support for CX-8 devices.
Fixed a TCPX bug which would sometimes incorrectly report devices as being missing when route cache entries were missing or invalidated.
Fixed a bug where setting MTU above 9000 on ARM systems with a 64k page size would cause IDPF networking to fail.
Fixed a kernel bug which caused boot to fail for n4 machine types.
Fixed an issue in app-containers/runc that caused runc to use more file descriptors than intended.
Fixed an issue where cpusets cgroups did not work with cgroup v1 enabled.
Fixed an issue where the cpuidle driver selected for some machine types would cause inflated reports of high CPU usage.
Fixed bcache latency spikes.
Installed app-misc/c_rehash.
Made CX-8 NIC naming order deterministic.
Made the google-guest-agent more resilient to network link flakes.
Partially fixed an issue where excessive contention among writeback kworkers when switching a large number of inodes between cgroups could lead to system unresponsiveness.
Reduced gcr_wait_online retry gap.
Removed an artifact registry ping that would delay multi-user.target indefinitely for machines with no external IP address.
Reverted a containerd change which reduced the default soft file descriptor limit for processes in containers to 1024.
Reverted a containerd change which reduced the default soft file descriptor limit for processes in containers to 1024.
Updated app-admin/node-problem-detector to 0.8.21.
Updated app-containers/cni-plugins to 1.7.1.
Updated app-containers/cri-tools to 1.32.0.
Updated cos-gpu-installer to v2.5.10.
Updated dev-python/requests to v2.32.4.
Updated golang.org/x/crypto, golang.org/x/net, and golang.org/x/oauth2 in kubelet and kubectl.
Updated golang.org/x/oauth2, golang.org/x/net, golang.org/x/crypto, and github.com/golang-jwt/jwt/v5 in Docker.
Updated kubelet and kubectl to v1.35.0.
Updated net-misc/chrony to v4.8.
Updated sys-libs/readline to v8.3.
Updated app-admin/google-osconfig-agent to v20250522.00.
Updated the dump capture kernel to v6.12.52.
Updated toolbox container image tag to v20251002.
Upgraded app-admin/fluent-bit to v4.2.2.
Upgraded app-admin/node-problem-detector to v0.8.25.
Upgraded app-admin/oslogin to v20260116.00.
Upgraded app-admin/sosreport to v4.10.2.
Upgraded app-admin/sudo to v1.9.17_p2.
Upgraded app-benchmarks/microbenchmarks to v0.0.1-r21.
Upgraded app-containers/cni-plugins to v1.9.0.
Upgraded app-containers/docker-credential-gcr to v2.1.31
Upgraded app-containers/docker-credential-helpers to v0.9.5.
Upgraded app-crypt/mit-krb5 from version 1.20.1 to version 1.22.1.
Upgraded app-emulation/cloud-init to v25.1.4.
Upgraded app-shells/bash to v5.3.
Upgraded chromeos-base/chromeos-common-script to v0.0.1-r668.
Upgraded chromeos-base/chromeos-common-script to v0.0.1-r671.
Upgraded chromeos-base/debugd-client to v0.0.1-r2737.
Upgraded chromeos-base/google-breakpad to v2026.01.16.201758-r268.
Upgraded chromeos-base/minijail to v18-r168.
Upgraded chromeos-base/power_manager-client to v0.0.1-r2972.
Upgraded chromeos-base/session_manager-client to v0.0.1-r2833.
Upgraded chromeos-base/shill-client to v0.0.1-r4879.
Upgraded dev-db/sqlite to v3.50.3.
Upgraded dev-db/sqlite to v3.50.4.
Upgraded dev-db/sqlite to v3.51.1.
Upgraded dev-lang/go to v1.23.11.
Upgraded dev-lang/go to v1.23.12.
Upgraded dev-libs/expat to v2.7.3.
Upgraded dev-libs/libxslt to version 1.1.43-r1.
Upgraded dev-libs/nss to 3.117 and dev-libs/nspr to 4.37.
Upgraded dev-libs/openssl to 3.5.1.
Upgraded dev-python/coverage to v7.10.7.
Upgraded google-guest-configs to v20260121.00.
Upgraded net-dns/c-ares to v1.34.6.
Upgraded net-libs/gnutls to v3.8.11.
Upgraded net-libs/libtirpc to v1.3.7-r2.
Upgraded net-misc/curl from 8.12.1 to 8.17.0.
Upgraded net-misc/openssh to 10.0_p1.
Upgraded net-misc/rsync to v3.4.1-r2.
Upgraded net-misc/socat to v1.8.1.0-r1.
Upgraded net-misc/wget to v1.25.0-r1.
Upgraded net-nds/rpcbind to v1.2.8.
Upgraded sys-apps/dmidecode to v3.7.
Upgraded sys-apps/file to v5.46-r3.
Upgraded sys-apps/gentoo-functions to v1.7.4.
Upgraded sys-apps/hwdata to v0.400.
Upgraded sys-apps/kmod to v34.2.
Upgraded sys-apps/less to v692.
Upgraded sys-apps/makedumpfile to v1.7.8.
Upgraded sys-apps/nvme-cli from version 1.6-r1 to version 2.16, added package sys-libs/libnvme.
Upgraded sys-apps/pv to v1.10.1.
Upgraded sys-apps/pv to v1.10.2.
Upgraded sys-apps/pv to v1.10.3.
Upgraded sys-apps/pv to v1.9.34.
Upgraded sys-apps/pv to v1.9.42.
Upgraded sys-apps/pv to v1.9.44.
Upgraded sys-auth/pambase to v20251104.
Upgraded sys-libs/libcap to v2.77.
Upgraded sys-libs/libseccomp to v2.6.0-r3.
Upgraded sys-process/audit to 4.0.2-r1.
Upgraded sys-process/lsof to v4.99.5.
Upgraded sys-process/procps to v4.0.5-r3.
Upgraded virtual/logger to v0-r2.
upgraded net-fs/cifs-utils to v7.4.
Added support for Nvidia driver version 535.261.03. This fixes CVE-2025-23286 and CVE-2025-23279.
Added support for Nvidia driver version 570.172.08. This fixes CVE-2025-23279.
Fixed CVE-2025-11081, CVE-2025-11082 and CVE-2025-11083 in sys-libs/binutils-libs.
Fixed CVE-2025-11412 in binutils-libs.
Fixed CVE-2025-11413 and CVE-2025-11414 in binutils-libs.
Fixed CVE-2025-11494 in binutils-libs.
Fixed CVE-2025-11495 in binutils-libs.
Fixed CVE-2025-12084 in dev-lang/python.
Fixed CVE-2025-13836 in dev-lang/python.
Fixed CVE-2025-13837 in dev-lang/python.
Fixed CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 in app-containers/runc.
Fixed CVE-2025-40147 in the Linux kernel.
Fixed CVE-2025-40212 in the Linux kernel.
Fixed CVE-2025-40256 in the Linux kernel.
Fixed CVE-2025-47914 and CVE-2025-58181 in dev-go/crypto.
Fixed CVE-2025-6052 in dev-libs/glib.
Fixed CVE-2025-61727 in dev-lang/go.
Fixed CVE-2025-61729 in dev-lang/go.
Fixed CVE-2025-66471 and CVE-2025-66418 in dev-python/urllib3.
Fixed CVE-2025-8058 in glibc.
Fixed CVE-2026-21441 in dev-python/urllib3.
Fixed KCTF-01d3c84 in the Linux kernel.
Fixed KCTF-134121b in the Linux kernel.
Fixed KCTF-2397e92 in the Linux kernel.
Fixed KCTF-50da4b9 in the Linux kernel.
Fixed KCTF-60e6489 in the Linux Kernel.
Fixed KCTF-6bb73db in the Linux Kernel.
Fixed KCTF-abad3d0 in the Linux kernel.
Fixed KCTF-b441cf3 in the Linux kernel.
Fixed KCTF-f41c5d1 in the Linux kernel.
Fixed KCTF-f8db647 in the Linux kernel.
Updated dev-libs/libxml2 to version 2.14.6. This resolves CVE-2025-6021.
Updated dev-python/jinja to v3.1.6. This resolves CVE-2024-56326, CVE-2024-56201 and CVE-2025-27516.
Updated dev-python/urllib3 to v2.5.0. This resolves CVE-2025-50181.
Updated sys-apps/coreutils to v9.5. This resolves CVE-2024-0684.
Upgraded dev-libs/glib to 2.82.5. This resolves CVE-2024-52533.
Upgraded dev-vcs/git to version 2.49.1. This fixes CVE-2025-48385, CVE-2025-27613, CVE-2025-27614, CVE-2025-48384, CVE-2025-46835.
Upgraded net-misc/netplan to 1.1.2. This fixes CVE-2022-4968.
Upgraded open-vm-tools to 13.0.5. This fixes CVE-2025-41244 in anthos variant.
Upgraded sys-libs/binutils-libs to version 2.45. This fixes CVE-2025-8224,CVE-2025-8225 and CVE-2025-1153.
Upgraded urllib3 to version 1.26.18. This fixes CVE-2021-33503, CVE-2023-43804, and CVE-2023-45803.
Upgraded vim & vim-core to version 9.1.1652. This fixes CVE-2025-53905, CVE-2025-53906, CVE-2025-9390.
Runtime sysctl changes:
- Changed: net.ipv4.udp_mem: 188034 250714 376068 -> 188034 250715 376068