As they note in the report, it is a very small percentage of SSH transactions that may be subject to this. You'd also already need access to the target. I guess the scenario would be a shared hosting service that clients access via SSH. Still there would have to be some host security shortcomings (it would seem) in order for Client A to eavesdrop on Client B's SSH session and its errors.
Still, the approach underscores that asymmetric cryptography is based upon the difficulty - not impossibility - of computing a private key from a public one, and we're beginning to see approaches that illustrate that such difficulty is not as high as once believed.