Only if the machine is directly connected to the internet and the malicious packet doesn't hit a firewall somewhere along the path.

Most laptops connected to Wi-Fi are indeed connected to an AP or a SOHO router that does NAT, so the attacker won't be able to directly reach it and this is a requirement for this to work.

The attacker can be on the LAN though.

Sure but security isn’t about being 100% protected which is impossible, but lowering your attack foot print. Unless you have a ton of people hooking to your LAN regularly then this still greatly lowers you chances of getting hit with this particular security flaw by people on the WAN

A useful target might be university networks, although IIRC our university printers weren’t available for discovery. Instead we would send our documents to a special email that would forward it to a local print server so we could get charged for it.

Plenty of laptops have a built in modem and this is becoming more ckmmoj every day. Those connect directly to the internet.

NAT only makes a difference if you use. IPv4 only. If you have dual stack, then your host is on the public internet.