Indeni’s response to the PolKit  vulnerability

Indeni became aware of the vulnerability in PolKit’s kexec component, tracked as CVE-2021-4034 on January 25, 2022. The PolKit vulnerability has come to be known as PwnKit. We immediately investigated the vulnerability and potential exploits. 

On January 26, 2022, patches for Ubuntu were released to fix the vulnerability. Please refer to this security notice for more information. Indeni is actively working on a hotfix and it will be available in mid February. 

This is also a good time to remind our customers that your best protection is to secure your server at all times. Please refer to the “Your Responsibility In Securing Your Data” section for steps to secure your server. 

If you have additional questions related to the PolKit vulnerability, please do not hesitate to contact us. 


An avatar of the author

Ulrica de Fort-Menares is the Vice President of Product Management for Infrastructure Assurance.

Related content

Simplify NIS2 compliance with DNS management

Learn whether the EU’s NIS2 requirements apply to your organization and about how DNS management and BlueCat can boost your path to compliance.

Read more

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

BlueCat to acquire LiveAction

BlueCat adds LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.