How hard is it to just boot an older kernel and rollback the default? Before I even thought about patching sensitive systems tonight the first thing our IT director asked was if I had a rollback plan. The answer? "Yes, boot old kernel, yum history undo [transaction id], reboot".
Always have a backout plan when doing upgrades, I'm just glad EL and derived distributions have an easy way to do it with yum's transaction history.
(tinfoil hat) That may be this kernel boot bug exists--the agencies are just trying to squeeze a few more days in of extracting data from prime targets, conveniently under the guise of public knowledge about exploiting it.