[hansendc]

> - To what extend is this fixed by the mitigations which the kernel provides [0] for the Intel bugs? What do I have to add to my kernel command line?

The key part of this post is "In my lab, on a vulnerable Fedora" which means that the author is using an old, known-vulnerable version of Fedora on which to do their testing.

You don't have to do anything other than be running a reasonably modern version of the kernel that gets updates from -stable or from your distro.

BTW, this is a Spectre-v1-style exploit. These are EXTREMELY widespread across lots of processors with conditional branch speculation. It's (relatively) unrelated to the family of things like MDS or Spectre-v2 where microcode updates were issued.

Disclaimer: I work on Linux at Intel, occasionally on mitigation for this stuff.