I'm not sure you understand the actual severity of this exploit. I personally am not going out of my way to check if any of my servers are patched for this or verify my kernels are up to date.

This exploit doesn't impact me, or most people. Why? It requires CAP_NET_ADMIN to exploit that. Who has CAP_NET_ADMIN? root, root in a container, or a machine with unprivileged user namespaces.

Many kernels turn off unprivileged user namespaces still, and even with them enabled, it also requires running untrusted binaries on your machine.

This isn't remotely exploitable. I don't run untrusted binaries or containers on any of my machines. I feel pretty safe.

It also doesn't "bypass all protections". If you run a container where the user doesn't have CAP_NET_ADMIN, they won't be able to exploit this. If you turn off unprivileged user namespaces, an unprivileged user on the host won't be able to get CAP_NET_ADMIN to exploit this.

Why do you think this is worth a lot? What are "the right hands" and what could they do with this?