System administrator Andrew Ayer has discovered a system-crippling bug in systemd that affects multiple Linux distributions, such as Debian, Ubuntu, and CentOS. The bug has existed for more than two years and does not require root access to exploit.
According to the article:
After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons. inetd-style services no longer accept connections. You cannot cleanly reboot the system. The system feels generally unstable (e.g. ssh and su hang for 30 seconds since systemd is now integrated with the login system).
Running this command can cripple any of the systems affected:
NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
Some users were only able to reproduce the bug by running the command inside a while true loop:
while true; do NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""; done
Ubuntu released a security update last week that patches this exploit: http://www.ubuntu.com/usn/usn-3094-1/
I would expect other distros to release patches soon too. There are alternatives to systemd, and there are plenty of Linux users that are against systemd.
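To detect the hung PID 1 state the quoted article describes, the shell functions below probe the systemd manager under a time limit. This is an added example, not code from the article or the systemd project. It assumes GNU coreutils `timeout` (exit status 124 on expiry); the function names and `PROBE_TIMEOUT` are hypothetical.

```shell
#!/bin/sh
# Added example: classify whether the systemd manager (PID 1) still answers.
# Assumption: GNU coreutils `timeout`, which exits 124 when the limit expires.

PROBE_TIMEOUT="${PROBE_TIMEOUT:-5}"   # seconds to wait for a reply (hypothetical tunable)

# pid1_is_systemd [comm_file]: succeeds if PID 1's command name is "systemd".
pid1_is_systemd() {
    [ "$(cat "${1:-/proc/1/comm}" 2>/dev/null)" = "systemd" ]
}

# probe_manager [cmd...]: prints responsive | hung | probe-missing.
# Default probe is `systemctl is-system-running`, which needs a reply
# from the manager; a frozen PID 1 never sends one.
probe_manager() {
    [ "$#" -gt 0 ] || set -- systemctl is-system-running
    rc=0
    timeout "$PROBE_TIMEOUT" "$@" >/dev/null 2>&1 || rc=$?
    case "$rc" in
        124)     echo hung ;;           # time limit hit: no answer at all
        126|127) echo probe-missing ;;  # probe command could not be run
        *)       echo responsive ;;     # any answer counts, e.g. "degraded" exits 1
    esac
}

# check_pid1 [comm_file [cmd...]]: prints not-systemd or the probe result.
check_pid1() {
    comm_file="${1:-/proc/1/comm}"
    [ "$#" -gt 0 ] && shift
    if ! pid1_is_systemd "$comm_file"; then
        echo not-systemd
        return 0
    fi
    probe_manager "$@"
}
```

Calling `check_pid1` with no arguments from a monitoring job checks the live system; a result of `hung` matches the symptoms quoted above, where daemons can no longer be started or stopped.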
Source: GitHub Bug Report