Indeni’s response to the PolKit vulnerability

Last updated: July 31, 2025

Notice: This blog post was originally published on Indeni before its acquisition by BlueCat.

The content reflects the expertise and perspectives of the Indeni team at the time of writing. While some references may be outdated, the insights remain valuable. For the latest updates and solutions, explore the rest of our blog

Indeni became aware of the vulnerability in PolKit’s kexec component, tracked as CVE-2021-4034 on January 25, 2022. The PolKit vulnerability has come to be known as PwnKit. We immediately investigated the vulnerability and potential exploits.

On January 26, 2022, patches for Ubuntu were released to fix the vulnerability. Please refer to this security notice for more information. Indeni is actively working on a hotfix and it will be available in mid February.

This is also a good time to remind our customers that your best protection is to secure your server at all times. Please refer to the “Your Responsibility In Securing Your Data” section for steps to secure your server.

If you have additional questions related to the PolKit vulnerability, please do not hesitate to contact us.

What is the Intelligent Network of the future?

Indeni’s response to the PolKit vulnerability

Related content

Introducing Security Insights for smarter network security without complexity

Network observability maturity stuck? Learn how to pull ahead

How to choose a protective DNS solution for your network

Route traffic intelligently with DNS-based GSLB for BlueCat Edge