diff --git a/nixos/tests/gvisor.nix b/nixos/tests/gvisor.nix
index 77ff29341bed..7f130b709fc9 100644
--- a/nixos/tests/gvisor.nix
+++ b/nixos/tests/gvisor.nix
@@ -1,6 +1,6 @@
 # This test runs a container through gvisor and checks if simple container starts
-import ./make-test-python.nix ({ pkgs, ...} : {
+import ./make-test-python.nix ({ pkgs, ... }: {
 name = "gvisor";
 meta = with pkgs.lib.maintainers; {
 maintainers = [ andrew-d ];
@@ -9,21 +9,21 @@ import ./make-test-python.nix ({ pkgs, ...} : {
 nodes = {
 gvisor = { pkgs, ... }:
- {
- virtualisation.docker = {
- enable = true;
- extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc";
- };
-
- networking = {
- dhcpcd.enable = false;
- defaultGateway = "192.168.1.1";
- interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [
- { address = "192.168.1.2"; prefixLength = 24; }
- ];
- };
+ {
+ virtualisation.docker = {
+ enable = true;
+ extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc";
 };
- };
+
+ networking = {
+ dhcpcd.enable = false;
+ defaultGateway = "192.168.1.1";
+ interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [
+ { address = "192.168.1.2"; prefixLength = 24; }
+ ];
+ };
+ };
+ };
 testScript = ''
 start_all()
@@ -31,13 +31,7 @@ import ./make-test-python.nix ({ pkgs, ...} : {
 gvisor.wait_for_unit("network.target")
 gvisor.wait_for_unit("sockets.target")
- # Start by verifying that gvisor itself works
- output = gvisor.succeed(
- "${pkgs.gvisor}/bin/runsc -alsologtostderr do ${pkgs.coreutils}/bin/echo hello world"
- )
- assert output.strip() == "hello world"
-
- # Also test the Docker runtime
+ # Test the Docker runtime
 gvisor.succeed("tar cv --files-from /dev/null | docker import - scratchimg")
 gvisor.succeed(
 "docker run -d --name=sleeping --runtime=runsc -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
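Review bot: The block removed in the last hunk was the only step in this test that invoked `runsc` directly, and nothing in the hunk records why it was dropped; afterwards the sandbox is reached only through Docker's `--runtime=runsc`. Because the package file now wires this test in through `passthru.tests`, a regression in standalone `runsc do` would pass unnoticed. If the direct call was removed because it no longer works inside the test VM (not visible here), record that above the Docker section, e.g. `# runsc is exercised only through Docker; the standalone 'runsc do' check was removed because <reason>`. The `docker run` statement continues past the end of the hunk, so whether the rest of the script asserts that the container really runs under gVisor cannot be judged from these lines.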
diff --git a/pkgs/applications/virtualization/gvisor/default.nix b/pkgs/applications/virtualization/gvisor/default.nix
index 3e0349b5109e..67917b6b02fd 100644
--- a/pkgs/applications/virtualization/gvisor/default.nix
+++ b/pkgs/applications/virtualization/gvisor/default.nix
@@ -1,4 +1,5 @@
 { lib
+, nixosTests
 , buildGoModule
 , fetchFromGitHub
 , iproute2
@@ -7,9 +8,9 @@
 , procps
 }:
-buildGoModule rec {
+buildGoModule {
 pname = "gvisor";
- version = "20221102.1";
+ version = "20231113.0";
 # gvisor provides a synthetic go branch (https://github.com/google/gvisor/tree/go)
 # that can be used to build gvisor without bazel.
@@ -18,11 +19,11 @@ buildGoModule rec {
 src = fetchFromGitHub {
 owner = "google";
 repo = "gvisor";
- rev = "bf8eeee3a9eb966bc72c773da060a3c8bb73b8ff";
- sha256 = "sha256-rADQsJ+AnBVlfQURGJl1xR6Ad5NyRWSrBSpOFMRld+o=";
+ rev = "cdaf5c462c4040ed4cc88989e43f7d373acb9d24";
+ hash = "sha256-9d2AJXoGFRCSM6900gOBxNBgL6nxXqz/pPan5EeEdsI=";
 };
- vendorHash = "sha256-iGLWxx/Kn1QaJTNOZcc+mwoF3ecEDOkaqmA0DH4pdgU=";
+ vendorHash = "sha256-QdsVELNcIVsZv2gA05YgQfMZ6hmnfN2GGqW6r+mHqbs=";
 nativeBuildInputs = [ makeWrapper ];
@@ -39,6 +40,8 @@ buildGoModule rec {
 mv $out/bin/shim $out/bin/containerd-shim-runsc-v1
 '';
+ passthru.tests = { inherit (nixosTests) gvisor; };
+
 meta = with lib; {
 description = "Application Kernel for Containers";
 homepage = "https://github.com/google/gvisor";