duasynt / xfrm_poc

Linux kernel XFRM UAF poc (3.x - 5.x kernels)

unshare: Operation not permitted - am I safe?

rokcarl opened this issue

I'm on Debian:

$ uname -a
Linux test 4.9.0-11-amd64 #1 SMP Debian 4.9.189-3+deb9u2 (2019-11-11) x86_64 GNU/Linux

If I run the ./lucky0, I get this:

xfrm 3.x - 5.x kernels poc
vitaly [at] duasynt.com

[+] trying to win the race. wait...
[-] unshare: Operation not permitted

This is, if I understand correctly, because I don't have unprivileged user_namespaces enabled.
If I enable them with sysctl -w kernel.unprivileged_userns_clone=1, then I'm able to run the binary.

My assumption is that this system is safe because you need to have admin rights to run sysctl, so at that time the attacker doesn't need to run the exploit. So unless someone accidentally or foolishly enables this, the system is safe?
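
A defender-side check for the precondition discussed in the issue above, as an added example that is not part of the original issue or of the repository: it reports whether unprivileged user namespace creation is currently permitted and lists sysctl config files that would set the Debian knob to 1 at boot. The function names, status strings and the root-directory argument are assumptions made for this example, and the result describes only the namespace setting, not the kernel's patch level.

```shell
#!/bin/sh
# Added example (not from the repository). The optional directory argument of
# userns_status is a hypothetical override so the logic can be run against a
# constructed tree instead of the live /proc/sys.

# Print the contents of a sysctl file without whitespace, or nothing if absent.
read_knob() {
    if [ -r "$1" ]; then tr -d ' \t\n' < "$1"; fi
}

# Echo one of: blocked-debian-knob, blocked-max-zero, allowed, unknown
userns_status() {
    root=${1:-/proc/sys}
    clone=$(read_knob "$root/kernel/unprivileged_userns_clone")
    max=$(read_knob "$root/user/max_user_namespaces")

    # Debian-specific knob: 0 refuses CLONE_NEWUSER without CAP_SYS_ADMIN,
    # which is the "unshare: Operation not permitted" case in the issue.
    if [ "$clone" = "0" ]; then echo blocked-debian-knob; return 0; fi
    # Upstream limit (kernel 4.9+): 0 means no new user namespaces at all.
    if [ "$max" = "0" ]; then echo blocked-max-zero; return 0; fi
    # Neither file readable: the sysctl tree alone cannot answer the question.
    if [ -z "$clone" ] && [ -z "$max" ]; then echo unknown; return 0; fi
    echo allowed
}

# Print each given sysctl config file that would set the Debian knob to 1.
# Commented-out lines and "= 0" lines do not match.
persisted_enable() {
    pat='^[[:space:]]*kernel[./]unprivileged_userns_clone[[:space:]]*=[[:space:]]*1[[:space:]]*$'
    for f in "$@"; do
        if [ -f "$f" ] && grep -Eq "$pat" "$f"; then
            echo "$f"
        fi
    done
}

# Live check; the config paths are the common ones and are not exhaustive.
echo "unprivileged user namespaces: $(userns_status)"
persisted_enable /etc/sysctl.conf /etc/sysctl.d/*.conf
```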