I just made a check concerning this vulnerability at UXSS-Check | heise online (only in German unfortunately, but green means save, red doesn’t) and my Fairphone is not at risk.
But I fully agree with the rest of your post, the hardware and its software should be more controllable. From what I got so far this is the way the FP team wants to go anyway, and a big step into that direction is expected for the new device.