Linux Patch Was Developed in 2015
...according to Alan Cox who posted this link in support of the statement:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897
so the question becomes why wasn't it picked up before a few weeks ago?
Well, the third internal link explains that:
On Linux, the issue is fixed by commit d8ba61ba58c8 ("x86/entry/64: Don't use IST entry for #BP stack"), which has been available in Linus' tree and -stable kernels for some time. (Yes, the patch really was written in 2015. I fixed the issue as part of related work by accident, but I wasn't aware that the issue was at all urgent at the time, so the patch was never pushed out.) Most other vendors should have their own advisories and fixes available now.
Biting the hand that feeds IT
