The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes
Share
Services
## Security
The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:
* CVE-2024-26925
For more details, see the [GCP-2024-045 security bulletin](https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2024-045).
## Change
### (2024-R25) Version updates
GKE cluster versions have been updated.
**New versions available for upgrades and new clusters.**
The following Kubernetes versions are now available for new clusters and for opt-in control plane upgrades and node upgrades for existing clusters. For more information on versioning and upgrades, see [GKE versioning and support](https://cloud.google.com/kubernetes-engine/versioning)and [Upgrades](https://cloud.google.com/kubernetes-engine/upgrades).
### No channel
**Note:** Your clusters might not have these versions available. Rollouts are already in progress when we publish the release notes, and can take multiple days to complete across all Google Cloud zones.
* Version [1.29.6-gke.1038001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296) is now the default version.
* The following versions are now available:
* [1.27.15-gke.1252000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12715)
* [1.28.11-gke.1260000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#v12811)
* [1.29.6-gke.1326000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296)
* The following node versions are now available:
* [1.27.15-gke.1252000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12715)
* [1.28.11-gke.1260000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#v12811)
* [1.29.6-gke.1326000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296)
* The following versions are no longer available:
* 1.27.13-gke.1070002
* 1.27.13-gke.1201002
* 1.27.14-gke.1059001
* 1.27.15-gke.1154000
* 1.28.10-gke.1058001
* 1.28.11-gke.1170000
* 1.29.4-gke.1043004
* 1.29.5-gke.1091001
* 1.29.6-gke.1254000
* Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version [1.27.14-gke.1042001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12714) with this release.
* Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version [1.27.14-gke.1042001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12714) with this release.
* Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version [1.28.11-gke.1019001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#v12811) with this release.
* Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version [1.29.6-gke.1038001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296) with this release.
### Stable channel
**Note:** Your clusters might not have these versions available. Rollouts are already in progress when we publish the release notes, and can take multiple days to complete across all Google Cloud zones.
* Version [1.29.5-gke.1091002](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1295) is now the default version in the Stable channel.
* The following versions are no longer available in the Stable channel:
* 1.27.13-gke.1201002
* 1.28.9-gke.1289002
* 1.28.10-gke.1058001
* 1.29.4-gke.1043004
* 1.29.5-gke.1091001
* Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version [1.27.14-gke.1042001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12714) with this release.
* Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version [1.27.14-gke.1042001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12714) with this release.
* Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version [1.28.10-gke.1075001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#v12810) with this release.
* Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version [1.29.5-gke.1091002](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1295) with this release.
### Regular channel
**Note:** Your clusters might not have these versions available. Rollouts are already in progress when we publish the release notes, and can take multiple days to complete across all Google Cloud zones.
* Version [1.29.6-gke.1038001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296) is now the default version in the Regular channel.
* The following versions are no longer available in the Regular channel:
* 1.27.14-gke.1042001
* 1.27.14-gke.1059001
* 1.28.10-gke.1075001
* 1.29.5-gke.1091002
* Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version [1.27.14-gke.1059002](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12714) with this release.
* Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version [1.27.14-gke.1059002](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12714) with this release.
* Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version [1.28.11-gke.1019001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#v12811) with this release.
* Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version [1.29.6-gke.1038001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296) with this release.
* Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version [1.29.6-gke.1038001](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296) with this release.
### Rapid channel
**Note:** Your clusters might not have these versions available. Rollouts are already in progress when we publish the release notes, and can take multiple days to complete across all Google Cloud zones.
* The following versions are now available in the Rapid channel:
* [1.27.15-gke.1252000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md#v12715)
* [1.28.11-gke.1260000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#v12811)
* [1.29.6-gke.1326000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#v1296)
* [1.30.2-gke.1587000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.30.md#v1302)
* The following versions are no longer available in the Rapid channel:
* 1.27.15-gke.1154000
* 1.28.11-gke.1019001
* 1.28.11-gke.1170000
* 1.29.6-gke.1254000
* 1.30.2-gke.1447000
* Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version [1.28.11-gke.1172000](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#v12811) with this release.
## Fix
GKE Autopilot now supports opportunistic bursting and lower Pod minimums upon cluster creation or upgrade to 1.30.2-gke.1394000 or later, resolving a previous issue with containerd.