The specific bug is that they don't check the return value of some function returning a pointer, which may be NULL. It then leads to a NULL pointer dereference which corrupts things.
So, as far as it seems currently, there is no negative effect of using an unpatched kernel (except for the risk of it suddenly dying, of course).
By the way, it's worthy to note that the firmware actually resides on the flash itself. There is a very small boot ROM (which is probably a mask ROM) that loads the firmware out of the NAND device.
Why am I mentioning this? It means that a bug in the firmware may actually corrupt the firmware itself, bricking the device.
Sent from my GT-I9300 using xda app-developers app