While the effects of a bug like this will be mostly short-lived on desktop systems, where patch management is usually pretty good in Linux, the effects on embedded systems can reverberate for years. Look around your house or office and consider how many devices like TVs, DVD players, DVRs, broadband routers, access control devices, industrial control systems and the like run Linux and have a USB port. Many of these will have a broad range of USB device drivers built into the kernel (even if they're not used) and often use a network port or wireless chip by design. Very few of these will have reasonable update policies, and even fewer of them will move to a new kernel or backport a vulnerable driver. Many rely on custom drivers that would need to be tested all over again to qualify a new kernel and have busy and relatively inexperienced staff on them.

The ability to use these devices as sniffers, network backdoors and MITM attackers is very much there. Most of the time devices like this are more or less invisible; very few consumers will be watching their network traffic. Worse, even when an intrusion is detected on a network and all traditional computing devices are wiped or replaced, few people will think to replace their Blu-ray.

Just another brick in the pervasive insecurity wall.