Flatcar Container Linux Release - October 13th, 2025

# Flatcar Container Linux Release - October 13th, 2025 ## Alpha 4487.0.1 - AMD64-usr - Platforms succeeded: All - Platforms failed: None - Platforms not tested: None - ARM64-usr - Platforms succeeded: All - Platforms failed: None - Platforms not tested: None VERDICT: _NO_GO_ / _GO_ / _WAIT_ ## Communication --- #### Guidelines / Things to Remember - Release notes are used in a PR and will appear on https://www.flatcar.org/releases/ - [Announcement Message](#Announcement-Message) is posted in [Flatcar-Linux-user](https://groups.google.com/g/flatcar-linux-user). Make sure to post as “Flatcar Container Linux User”, not with your personal user (this can be selected when drafting the post). - Make sure the the LTS is referred to as `LTS-2021`, and not `LTS-2605` --- ### Announcement Message Subject: Announcing new releases Alpha 4487.0.1 Hello, We are pleased to announce a new Flatcar Container Linux release for the Alpha channel. #### Alpha 4487.0.1 release _Changes since **Alpha 4487.0.0**_ #### Security fixes: - Linux ([CVE-2025-40107](https://nvd.nist.gov/vuln/detail/CVE-2025-40107), [CVE-2025-40028](https://nvd.nist.gov/vuln/detail/CVE-2025-40028), [CVE-2025-40027](https://nvd.nist.gov/vuln/detail/CVE-2025-40027), [CVE-2025-40026](https://nvd.nist.gov/vuln/detail/CVE-2025-40026), [CVE-2025-40000](https://nvd.nist.gov/vuln/detail/CVE-2025-40000), [CVE-2025-39995](https://nvd.nist.gov/vuln/detail/CVE-2025-39995), [CVE-2025-40052](https://nvd.nist.gov/vuln/detail/CVE-2025-40052), [CVE-2025-40061](https://nvd.nist.gov/vuln/detail/CVE-2025-40061), [CVE-2025-40060](https://nvd.nist.gov/vuln/detail/CVE-2025-40060), [CVE-2025-40059](https://nvd.nist.gov/vuln/detail/CVE-2025-40059), [CVE-2025-40058](https://nvd.nist.gov/vuln/detail/CVE-2025-40058), [CVE-2025-40057](https://nvd.nist.gov/vuln/detail/CVE-2025-40057), [CVE-2025-40056](https://nvd.nist.gov/vuln/detail/CVE-2025-40056), [CVE-2025-40055](https://nvd.nist.gov/vuln/detail/CVE-2025-40055), [CVE-2025-40081](https://nvd.nist.gov/vuln/detail/CVE-2025-40081), [CVE-2025-40080](https://nvd.nist.gov/vuln/detail/CVE-2025-40080), [CVE-2025-40079](https://nvd.nist.gov/vuln/detail/CVE-2025-40079), [CVE-2025-40078](https://nvd.nist.gov/vuln/detail/CVE-2025-40078), [CVE-2025-40071](https://nvd.nist.gov/vuln/detail/CVE-2025-40071), [CVE-2025-40070](https://nvd.nist.gov/vuln/detail/CVE-2025-40070), [CVE-2025-40068](https://nvd.nist.gov/vuln/detail/CVE-2025-40068), [CVE-2025-40067](https://nvd.nist.gov/vuln/detail/CVE-2025-40067), [CVE-2025-40062](https://nvd.nist.gov/vuln/detail/CVE-2025-40062), [CVE-2025-40053](https://nvd.nist.gov/vuln/detail/CVE-2025-40053), [CVE-2025-40029](https://nvd.nist.gov/vuln/detail/CVE-2025-40029), [CVE-2025-40038](https://nvd.nist.gov/vuln/detail/CVE-2025-40038), [CVE-2025-40037](https://nvd.nist.gov/vuln/detail/CVE-2025-40037), [CVE-2025-40036](https://nvd.nist.gov/vuln/detail/CVE-2025-40036), [CVE-2025-40035](https://nvd.nist.gov/vuln/detail/CVE-2025-40035), [CVE-2025-40033](https://nvd.nist.gov/vuln/detail/CVE-2025-40033), [CVE-2025-40051](https://nvd.nist.gov/vuln/detail/CVE-2025-40051), [CVE-2025-40049](https://nvd.nist.gov/vuln/detail/CVE-2025-40049), [CVE-2025-40031](https://nvd.nist.gov/vuln/detail/CVE-2025-40031), [CVE-2025-40048](https://nvd.nist.gov/vuln/detail/CVE-2025-40048), [CVE-2025-40047](https://nvd.nist.gov/vuln/detail/CVE-2025-40047), [CVE-2025-40045](https://nvd.nist.gov/vuln/detail/CVE-2025-40045), [CVE-2025-40044](https://nvd.nist.gov/vuln/detail/CVE-2025-40044), [CVE-2025-40043](https://nvd.nist.gov/vuln/detail/CVE-2025-40043), [CVE-2025-40039](https://nvd.nist.gov/vuln/detail/CVE-2025-40039), [CVE-2025-40030](https://nvd.nist.gov/vuln/detail/CVE-2025-40030), [CVE-2025-40018](https://nvd.nist.gov/vuln/detail/CVE-2025-40018), [CVE-2025-40004](https://nvd.nist.gov/vuln/detail/CVE-2025-40004), [CVE-2025-40032](https://nvd.nist.gov/vuln/detail/CVE-2025-40032), [CVE-2025-40042](https://nvd.nist.gov/vuln/detail/CVE-2025-40042), [CVE-2025-40019](https://nvd.nist.gov/vuln/detail/CVE-2025-40019)) #### Bug fixes: - Alpha only: Fixed systemd-sysext payload handling for air-gapped/self-hosted updates which was a known bug for 4487.0.0 ([ue-rs#93](https://github.com/flatcar/ue-rs/pull/93)) - Excluded TUN/TAP interfaces from the default DHCP network configuration to solve conflicts with the programs that created them ([Flatcar#1933](https://github.com/flatcar/Flatcar/issues/1933)) - Fixed Intel microcode updates which were broken in recent Alpha and Beta releases by switching back to built-in extra firmware instead of early cpio inclusion ([Flatcar#1909](https://github.com/flatcar/Flatcar/issues/1909)) - Fixed a kernel boot warning when loading an explicit list of kernel modules in the minimal first-stage initrd ([Flatcar#1934](https://github.com/flatcar/Flatcar/issues/1934)) - Fixed that the needed Flatcar extensions don't get removed on update which caused a re-download ([update_engine#51](https://github.com/flatcar/update_engine/pull/51)) #### Changes: - Added support for the kernel cmdline parameters `flatcar.release_file_server_url` and `flatcar.dev_file_server_url` to specify custom servers where Flatcar extensions should be downloaded on boot ([bootengine#112](https://github.com/flatcar/bootengine/pull/112)) - Alpha only: Reduced Azure image size again to 30 GB as before by shrinking the root partition to compensate for the growth of the other partitions ([scripts#3460](https://github.com/flatcar/scripts/pull/3460)) - Scaleway: The Linux console is now attached to the correct console port. ([scripts#3383](https://github.com/flatcar/scripts/pull/3383)) #### Updates: - Linux ([6.12.54](https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tag/?h=v6.12.54) (includes [6.12.53](https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tag/?h=v6.12.53), [6.12.52](https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tag/?h=v6.12.52))) Best, The Flatcar Container Linux Maintainers --- ### Communication #### Go/No-Go message for Matrix/Slack Go/No-Go Meeting for Alpha 4487.0.1 Pre-view images are available in https://bincache.flatcar-linux.net/images/amd64/$VERSION/ Tracking issue: https://github.com/flatcar/Flatcar/issues/1936 The Go/No-Go document is in our HackMD @flatcar namespace Link: https://hackmd.io/SMMJukplQAGaA19au5b5wQ Please give your Go/No-Go vote with 💚 for Go, ❌ for No-Go, and ✋ for Wait. Contributors & community feel free to put your suggestions, thoughts or comments on the document or here in the chat. @MAINTAINER @MAINTAINER @MAINTAINER #### Mastodon _The toot (from [@flatcar](https://hachyderm.io/@flatcar)) goes out after the changelog update has been published; it includes a link to the web changelog._ 🚀 Flatcar Alpha Release Update! This release fixes key issues around updates, networking, and firmware — especially for self-hosted setups. Let’s dive into what’s new 👇 #Flatcar #Linux #ContainerLinux Tweet 2 🛠️ Fixes & Changes sysext payloads fixed for offline updates, excluded TUN/TAP from DHCP, restored Intel microcode, resolved kernel boot warn, stopped sysext re-downloads, added custom server cmdline params, Azure img back to 30 GB + Scaleway console fix. Tweet 3 ⬆️ Updates • Linux kernel bumped to v6.12.54 🧠 https://lwn.net/Articles/1042571/ Follow @flatcar for regular updates! #### Kubernetes Slack _This goes in the #flatcar channel_ Please welcome the Flatcar Linux releases for October! 🎉 - **Alpha 4487.0.1** (maintenance release) These releases include: 🩹 Fixes & updates: • Fixed `systemd-sysext` payloads for offline/air-gapped updates [ue-rs#93] • Excluded TUN/TAP from default DHCP config to avoid conflicts • Restored Intel microcode updates in Alpha/Beta • Resolved kernel boot warning during initrd module load • Prevented unnecessary re-downloads of required sysexts ⚙️ Changes & improvements: • Added kernel cmdline params `flatcar.release_file_server_url` & `flatcar.dev_file_server_url` for custom extension servers • Azure image size reduced back to 30 GB • Scaleway console now attached to the correct port 📦 Component updates: • Linux 6.12.54 (includes .53 and .52) 📜 Full release notes at the usual spot: 🔗 https://www.flatcar.org/releases/ 💙 Thanks to everyone contributing, testing, and reporting issues to keep Flatcar rolling strong!