Over the past few days, system and server administrators have been more stressed than usual. The reason for this is called Systemd, an application that most distributions have and that has caused a significant security hole in the servers.
The problem lies in the dns_packet_new package, a package in charge of the dns within Systemd that has sown discord and concern among many servers.
The management of dns by Systemd has caused a security hole in the servers
The bug in Systemd is due to the dns_packet_new package creating a very small memory buffer that can be easily overflowed and after that the attacker can take advantage of it to take control of the machine. It is a serious security hole and affects all distributions that have Systemd, unless they have a version equal to or later than Systemd 233, which has clearly sparked panic in some. It must be remembered that Gnu / Linux is the most used system within servers, already passing 90% of the computers that have this operating system.
Currently, many distributions are sending packages that correct this vulnerability, so it seems that by the end of this week, the most of the servers will be out of harm's way, but in some specific cases it will be necessary to wait a little time, with the consequent risk.
Systemd has brought controversy to the Gnu / Linux world for months. First with the arrival and use of the system to certain distributions and now with security holes. In any case, it is true that many distributions go ahead with this system and only correct the bugs that appear. But there are also alternatives that do not use systemd, in case you are thinking of changing the distribution.