Yes, but that type of attack is very complex and exceedingly rare...and would require a vulnerability in the network stack itself or the NIC driver. Just as likely as that happening in a dedicated edge box.
Yes, I think I stated pretty much that. But having 2x the attack surface doubles your risk, while the risk is very low why double it if you do not have too?