Fonts are a lot more complicated than they appear. Font formats like TTF are binary executable. Basically that means a malicious font file installed can run commands on your system just by displaying what looks like the letter m. Fonts are also processed through an interpreter engine that renders their physical display on screen. Interpreters are nortoriousy a vector of attack because of their low level system access
I just went through this the other week. I got a replacement phone identical to the one I had, and it worked for the most part. Most of the apps logged in but there's a good few that didn't and I had to do it manually.
Despite this affecting only FIDO and barely any Yubikeys are being used for that, it's important to keep in mind that exploits and attacks get worse over time. For now it's just FIDO and requires complex hardware and practically destroying the key. I wouldn't be surprised if this exploit is just the beginning.
I'd say so. It's a starting point for looking into LUN mounting issues with an incorrect host type. These results are better than nothing.