
In BlueBorne Technical White Paper, the authors mention

It should be mentioned that testing and triggering this vulnerability was not an easy task, and required direct use of the ACL layer to send malformed L2CAP packets. Since no Bluetooth stack provides this to the user ...

As an end user, such a vulnerability appears to be more of a theoretical concern. Is my understanding correct?

bhadra

1 Answer


The part from the paper you cite essentially says that you need a special client to create the exploit. This is roughly similar to saying that you cannot exploit a specific bug in a web application with the standard browser but that you need enough knowledge of the HTTP layer to write a customized program for it. While this might be too hard for the average user it is no real obstacle for a person with that specific knowledge. And it might even get easy for the average script kiddie once an exploit is released as proof or test of the vulnerability.

The part of the paper which actually answers your question is the sentence above the one you cite:

This makes the stack overflow presented above easy to exploit - as we demonstrate in the demo video.

And, as for the knowledge needed to exploit the attack, important information is also included after the part you've cited:

We will be releasing the testing framework we developed, alongside an exploit code of this specific vulnerability in a future blog post. This testing framework could assist researchers in further exploration and pentesting of Bluetooth stacks.

Steffen Ullrich