The worse news
Is that since the driver is open source, it is easy for miscreants to compare what has changed and immediately develop an exploit. This seems tailor made for attacking people in airports, cafes and other places with public wifi. Since it is driver level it would allow capturing wifi traffic before it is encrypted, so to prevent snooping the traffic would need to already be encrypted (i.e. SSL, VPN etc.)
It seems to be limited to wifi/cellular p0wning, so is really more of a targeted attack thing as a general "p0wn whoever is out there" but if it were paired with another exploit that leveraged that control to give it full control over the phone then it becomes a general untargeted exploit.
