Well the cve noted in the article requires local access so either stacking exploits, having access to the machine or dropping usbs and hoping someone plugs it in.

Note there's also a exploit to gain local access via malformed incoming ipv6 packets fixed in the same patch set