This has me more concerned than some of the other recent bugs, primarily because it's so easy to exploit by script kiddies.
Plus, there are huge, vast, barely conceivable numbers of network-attached embedded devices that use the gethostbyname() call. What percentage of these are remotely updatable? What percentage of these will have their firmware re-flashed?
This one seems like it gives black-hats the ideal way to get a swarm army of (relatively) weak and/or dumb devices. Yet even these weak, dumb devices should be sufficient to set up warrens of ssh tunnels, nodes for DDoS attacks, etc.