gcp Google Cloud release notes · May 26, 2026

Container Optimized OS Updates Address Security Vulnerabilities

securityinfragcpsecurity-advisoryengineer

security patch announcement

This release of Google Container Optimized OS includes multiple package upgrades and patches to address numerous security vulnerabilities, primarily in the Linux kernel, Go, and curl. The updates ensure system security and stability for users running COS. The changes are available now for all users.

→cos-129-19506-120-115
→cos-125-19216-395-47
→cos-121-18867-381-144
→cos-117-18613-613-25

Security (41) ›

Container Optimized OS

Fixed CVE-2026-23171 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31419 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31430 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31709 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-43074 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-43088 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-44431 in dev-python/urllib3.
Container Optimized OS

Fixed CVE-2026-6732 in dev-libs/libxml2.
Container Optimized OS

Fixed EFI variable OOB read in grub config parsing.
Container Optimized OS

Fixed KCTF-9e6bf14 in the Linux kernel.
Container Optimized OS

Updated dev-lang/go to 1.25.10. This fixes CVE-2026-32289,CVE-2026-32282,CVE-2026-32288,CVE-2026-27142,CVE-2025-61728,CVE-2026-27139,CVE-2026-39817,CVE-2026-39819,CVE-2025-68119,CVE-2025-61732,CVE-2026-32280,CVE-2026-25679,CVE-2026-27144,CVE-2026-32283,CVE-2026-27140,CVE-2025-61731,CVE-2026-32281,CVE-2025-61726,CVE-2025-68121,CVE-2026-27143,CVE-2026-39826,CVE-2026-39823,CVE-2026-39825,CVE-2026-33814,CVE-2026-39820,CVE-2026-42499,CVE-2026-39836.
Container Optimized OS

Updated net-misc/curl to v8.20. This fixes CVE-2026-5545,CVE-2026-4873,CVE-2026-6429,CVE-2026-7168,CVE-2026-6253,CVE-2026-6276,CVE-2026-7009,CVE-2026-5773.
Container Optimized OS

Fixed CVE-2026-23171 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31419 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31709 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-43088 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-44431 in dev-python/urllib3.
Container Optimized OS

Fixed CVE-2026-6732 in dev-libs/libxml2.
Container Optimized OS

Fixed KCTF-9e6bf14 in the Linux kernel.
Container Optimized OS

Updated dev-lang/go to 1.25.10. This fixes CVE-2026-42499,CVE-2026-39820,CVE-2026-39826,CVE-2026-33814,CVE-2026-39836,CVE-2026-39823,CVE-2026-39825,CVE-2026-39817,CVE-2026-39819.
Container Optimized OS

Updated net-misc/curl to v8.20. This fixes CVE-2026-5545,CVE-2026-4873,CVE-2026-6429,CVE-2026-7168,CVE-2026-6253,CVE-2026-6276,CVE-2026-7009,CVE-2026-5773.
Container Optimized OS

Fixed CVE-2026-23171 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-23473 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31449 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31709 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-43109 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-44431 in dev-python/urllib3.
Container Optimized OS

Fixed CVE-2026-6732 in dev-libs/libxml2.
Container Optimized OS

Fixed KCTF-9e6bf14 in the Linux kernel.
Container Optimized OS

Updated dev-lang/go to 1.25.10. This fixes CVE-2026-33814,CVE-2026-39823,CVE-2026-39826,CVE-2026-39817,CVE-2026-39819,CVE-2026-39820,CVE-2026-39836,CVE-2026-42499,CVE-2026-39825.
Container Optimized OS

Updated net-misc/curl to v8.20. This fixes CVE-2026-5545,CVE-2026-4873,CVE-2026-6429,CVE-2026-7168,CVE-2026-6253,CVE-2026-6276,CVE-2026-7009,CVE-2026-5773.
Container Optimized OS

Fixed CVE-2026-23171 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-23473 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31449 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-31709 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-43109 in the Linux kernel.
Container Optimized OS

Fixed CVE-2026-44431 in dev-python/urllib3.
Container Optimized OS

Fixed CVE-2026-6732 in dev-libs/libxml2.
Container Optimized OS

Fixed KCTF-9e6bf14 in the Linux kernel.
Container Optimized OS

Updated dev-lang/go to 1.25.10. This fixes CVE-2026-39817,CVE-2026-39825,CVE-2026-33814,CVE-2026-39819,CVE-2026-39826,CVE-2026-39823,CVE-2026-39820,CVE-2026-42499,CVE-2026-39836.
Container Optimized OS

Updated net-misc/curl to v8.20. This fixes CVE-2026-5545,CVE-2026-4873,CVE-2026-6429,CVE-2026-7168,CVE-2026-6253,CVE-2026-6276,CVE-2026-7009,CVE-2026-5773.

Enhancements (23) ›

Container Optimized OS cos-129-19506-120-115

Kernel Docker Containerd GPU Drivers COS-6.12.77 v27.5.1 v2.2.3 See List

GPU Drivers COS-6.12.77 See List
Container Optimized OS

Added support for the swiotlb=any kernel command line parameter.
Container Optimized OS

Update sys-process/audit to v3.0.9.
Container Optimized OS

Updated glib to v2.86.5.
Container Optimized OS

Updated sys-libs/pam to v1.5.3.
Container Optimized OS

Upgraded net-misc/openssh to v10.0_p2.
Container Optimized OS cos-125-19216-395-47

Kernel Docker Containerd GPU Drivers COS-6.12.85 v27.5.1 v2.1.7 See List

GPU Drivers COS-6.12.85 See List
Container Optimized OS

Added support for the swiotlb=any kernel command line parameter.
Container Optimized OS

Update sys-process/audit to v3.0.9.
Container Optimized OS

Updated glib to v2.86.5.
Container Optimized OS

Upgrade app-admin/fluent-bit to v3.2.10
Container Optimized OS

Updated sys-libs/pam to v1.5.3.
Container Optimized OS

Upgraded net-misc/openssh to v10.0_p2.
Container Optimized OS cos-121-18867-381-144

Kernel Docker Containerd GPU Drivers COS-6.6.137 v27.5.1 v2.0.8 See List

GPU Drivers COS-6.6.137 See List
Container Optimized OS

Update sys-process/audit to v3.0.9.
Container Optimized OS

Upgrade app-admin/fluent-bit to v3.2.10
Container Optimized OS

Updated glib to v2.86.5.
Container Optimized OS

Updated sys-libs/pam to v1.5.3.
Container Optimized OS cos-117-18613-613-25

Kernel Docker Containerd GPU Drivers COS-6.6.137 v24.0.9 v1.7.31 See List

GPU Drivers COS-6.6.137 See List
Container Optimized OS

Update sys-process/audit to v3.0.9.
Container Optimized OS

Updated glib to v2.86.5.
Container Optimized OS

Updated sys-libs/pam to v1.5.3.
Container Optimized OS

Upgraded app-containers/containerd from v1.7.29 to v1.7.31.

Fixes (6) ›

Container Optimized OS

Fixed a crash that occurs when using the configfile or source GRUB2 commands when Secure Boot is enabled.
Container Optimized OS

Fixed a race condition triggered by ext4 online resize that rarely causes machines to fail to boot.
Container Optimized OS

Upgraded cos-gpu-installer to v2.7.2.
Container Optimized OS

Fixed a crash that occurs when using the configfile or source GRUB2 commands when Secure Boot is enabled.
Container Optimized OS

Upgraded cos-gpu-installer to v2.7.2.
Container Optimized OS

Upgraded cos-gpu-installer to v2.7.2.

Notes (4) ›

Container Optimized OS

This update contains several package upgrades to the latest patch version to ensure security, along with package patches for known CVEs.
Container Optimized OS

This update contains several package upgrades to the latest patch version to ensure security, along with package patches for known CVEs.
Container Optimized OS

This update contains several package upgrades to the latest patch version to ensure security, along with package patches for known CVEs.
Container Optimized OS

This update contains several package upgrades to the latest patch version to ensure security, along with package patches for known CVEs.

Read the original announcement →

https://docs.cloud.google.com/release-notes#May_26_2026