Reading between the lines a bit it looks like: (1) The problem affects devices with particular BIOS implementations; (2) The problem affects particular hardware implementations only; (3) The problem affects particular Linux kernel releases that include particular versions of the Intel SPI driver; (4) The problem affects particular Linux distributions that perform operations that use the SPI driver in a way that upsets a BIOS that doesn't like a particular set of hardware design decisions. There's also a distinct possibility that individual choices of setting within the BIOS affects one or another of these layers of conditionality. There are also other reports of other non-Linux OSs that happen to perform similar operations over the SPI bus having the same problem on the same hardware platforms.
Canonical seem to be behaving responsibly and reacting quickly once they were identified as a possible cause even if they are not the only contributor to the total chain of "gotchas" that lead to end-user problems. I'm not so sure the same could be said of other players.
How much regression testing can we expect, and from whom?
Lenovo can't be expected to test every single OS, especially those that haven't been written yet.
Intel can't be expected to test every single hardware platform.
Canonical can't be expected to test every single hardware platform either.
The Linux community probably tests the widest variety of hardware platforms, but only by trying it and having occasional problems (like this one!).
You can expect BIOS implementations to test correct operation on correctly built hardware.
You can expect hardware designers to use reliable BIOS suppliers.
You should be able to expect hardware designers to build hardware that correctly connects up the chips they use.
But even that testing won't be 100% in practice, even though it should be.
In my opinion, if a machine won't allow the BIOS settings to be corrected, or it it allows the BIOS settings to be set to an invalid state, the machine builder is responsible even if only for the choice of BIOS supplier they made. They have no responsibility for preserving the correct operation of a non-supported OS, but do have a responsibility for ensuring it is possible to re-install a supported OS.
(And before anyone says so I don't think measures that allow a device to be deliberately "bricked" if stolen should be circumventable at all easily but do think it should be difficult to activate such facilities to make it very unlikely to activate them by accident.)