The product described by this documentation, GKE on AWS, is now in maintenance mode and will be shut down on March 17, 2027.

Kubernetes version notes

Each GKE on AWS release comes with Kubernetes version notes. These are similar to release notes but are specific to a Kubernetes version and might offer more technical detail.

GKE on AWS supports the Kubernetes versions listed in the following sections. If a version isn't included in this file, it's unsupported.

Kubernetes 1.33

1.33.4-gke.900

Kubernetes OSS release notes

Security Fixes
- Fixed CVE-2024-26462
- Fixed CVE-2024-28180
- Fixed CVE-2025-4563
- Fixed CVE-2025-8713
- Fixed CVE-2025-8714
- Fixed CVE-2025-8715
- Fixed CVE-2025-38350
- Fixed CVE-2025-38001
- Fixed CVE-2025-38000
- Fixed CVE-2025-38083
- Fixed CVE-2025-37752
- Fixed CVE-2025-37797
- Fixed CVE-2025-37798
- Fixed CVE-2025-37890
- Fixed CVE-2025-40364
- Fixed CVE-2025-37997

Kubernetes 1.32

1.32.8-gke.600

Kubernetes OSS release notes

Security Fixes
- Fixed CVE-2024-26462
- Fixed CVE-2025-8713
- Fixed CVE-2025-8714
- Fixed CVE-2025-8715
- Fixed CVE-2025-38350
- Fixed CVE-2025-38001
- Fixed CVE-2025-38000
- Fixed CVE-2025-38083
- Fixed CVE-2025-37752
- Fixed CVE-2025-37797
- Fixed CVE-2025-37798
- Fixed CVE-2025-37890
- Fixed CVE-2025-40364
- Fixed CVE-2025-37997

1.32.4-gke.200

Kubernetes OSS release notes

Security Fixes
- Fixed CVE-2016-1585
- Fixed CVE-2024-11053
- Fixed CVE-2024-35255
- Fixed CVE-2024-3596
- Fixed CVE-2024-37370
- Fixed CVE-2024-37371
- Fixed CVE-2024-45310
- Fixed CVE-2024-53164
- Fixed CVE-2024-53164
- Fixed CVE-2024-56770
- Fixed CVE-2024-6119
- Fixed CVE-2024-8096
- Fixed CVE-2024-9681
- Fixed CVE-2025-1094
- Fixed CVE-2025-1094
- Fixed CVE-2025-1352
- Fixed CVE-2025-1372
- Fixed CVE-2025-1376
- Fixed CVE-2025-1377
- Fixed CVE-2025-21700
- Fixed CVE-2025-21701
- Fixed CVE-2025-21702
- Fixed CVE-2025-21703
- Fixed CVE-2025-21756
- Fixed CVE-2025-31115
- Fixed CVE-2025-4207

Kubernetes 1.31

Feature: Added support for sysctl node system configuration already supported by GKE under nodepool.config.linux_node_config.sysctls. This feature is only available via direct API call, and is not supported in any clients. The following are the supported configuration options for the sysctl utility:
- net.core.busy_poll
- net.core.busy_read
- net.core.netdev_max_backlog
- net.core.rmem_max
- net.core.wmem_default
- net.core.wmem_max
- net.core.optmem_max
- net.core.somaxconn
- net.ipv4.tcp_rmem
- net.ipv4.tcp_wmem
- net.ipv4.tcp_tw_reuse
- net.ipv6.conf.all.disable_ipv6
- net.ipv6.conf.default.disable_ipv6
- vm.max_map_count
Feature: The gcloud beta container fleet memberships get-credentials command uses a preview feature of the Connect gateway that lets you run the kubectl port-forward command. For more information, see Limitations in the Connect gateway documentation.
Security Fixes
- Fixed CVE-2019-18276
- Fixed CVE-2021-25743
- Fixed CVE-2022-41723
- Fixed CVE-2023-2431
- Fixed CVE-2023-2727
- Fixed CVE-2023-2728
- Fixed CVE-2023-28452
- Fixed CVE-2023-29406
- Fixed CVE-2023-29409
- Fixed CVE-2023-30464
- Fixed CVE-2023-3446
- Fixed CVE-2023-3676
- Fixed CVE-2023-3817
- Fixed CVE-2023-3955
- Fixed CVE-2023-40577
- Fixed CVE-2023-45142
- Fixed CVE-2023-4911
- Fixed CVE-2023-5678
- Fixed CVE-2023-6992
- Fixed CVE-2024-0727
- Fixed CVE-2024-0793
- Fixed CVE-2024-0874
- Fixed CVE-2024-24557
- Fixed CVE-2024-2511
- Fixed CVE-2024-29018
- Fixed CVE-2024-2961
- Fixed CVE-2024-41110
- Fixed CVE-2024-4741
- Fixed CVE-2024-6104
- Fixed CVE-2024-9143
- Fixed GHSA-87m9-rv8p-rgmg
- Fixed GHSA-jq35-85cj-fj4p
- Fixed GHSA-mh55-gqvf-xfwm
- Fixed CVE-2024-45016
- Fixed CVE-2024-24790

Kubernetes version notes Stay organized with collections Save and categorize content based on your preferences.

Kubernetes 1.33

1.33.4-gke.900

Kubernetes 1.32

1.32.8-gke.600

1.32.4-gke.200

Kubernetes 1.31

1.31.11-gke.400

1.31.7-gke.1000

1.31.6-gke.200

1.31.4-gke.500

1.31.1-gke.1800

Kubernetes version notes