"Normally that's not a security problem" ? PulseAudio allowing arbitrary code loaded into a suid root app via command line parameters is a gaping security hole by itself.

This exploit used a trivial root exploit to setup a deeper kernel level exploit, that can bypass SELinux, hide itself completely, etc.