https://thehackernews.com/2020/03/ppp-daemon-vulnerability.html

"Most Linux systems" seems like quite s strong claim: the vast majority don't even run pppd, and of those that do, surely they run it only on the network interface corresponding to their uplink port? Are there use cases for running pppd on an Internet-accesible interface?

Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers

Critical Point-to-Point Protocol Daemon Remote Code Execution Vulnerability...

The Hacker News