Hype. The exploitation of the flaws requires hostile user mode code. There are claims being kicked around that the user mode code could include javascript but that is BS. Javascript was never able to accomplish rowhammer and won't accomplish this exploit either because it can't run arbitrary instructions.
However if you click on an exe, designed by a hacker, containing instructions to allow kernel memory to be read from user mode, then you are screwed. But you were screwed when you clicked on the exe because it can do plenty of damage in plain old user mode. So it doesn't really matter.
But I should have also mentioned that the virtual server providers like Amazon, MS and others are concerned because their users can run arbitrary code by design. A hostile user of one of their services has the potential to impact the service or other users of the service when they should be isolated. So it is not hype for them.
[[However if you click on an exe, designed by a hacker, containing instructions to allow kernel memory to be read from user mode, then you are screwed. But you were screwed when you clicked on the exe because it can do plenty of damage in plain old user mode. So it doesn’t really matter.]]
Suppose that did happen, woudl system restore be able to undo the damage? (There is a program called rollbackRX which is a form of system restore on steroids- it works at boot level before the OS loads, so it could rollback a system to before the malicious code was executed)