The title says "code execution", but you need your Python code to already be running in order to trigger this, so I'd rather classify it as a sandbox escape since just by manipulating built-in CPython objects you can do buffer overflows and get the address of system and ROP ur way to success, without importing any new modules.
I think the only way to block this exploit is to completely never load the io module, which severely limits a lot of Python code...
Full exploit code here