(You can recognize individual people from keystroke timing now. And I don't think this is patched in openssh.)
It isn't good if a remote non-MITM attacker can see the exact timing and cache associativity of remote writes. It doesn't seem from the article that they can monitor timing of other data, but then they also say the CPU does not reserve specific parts of cache for DDIO, leaving open the possibility of recovering information about local process memory/cache operations, the obvious candidate of interest being RSA calcs. I would not be surprised to see more attacks come from this.