Maybe in modern OS/CPU combos, but on a 70s era 8 bit CPU like the 6502 the code as described above is definitely vulnerable to a hardware interrupt overwriting the out of scope memory area in question before it is used. One way to make it safe would be to disable interrupts, although non-maskable interrupts would still be a problem.
However, although I haven't checked the details, I suspect that something much cleverer does make the trick robust. What would the hardware interrupt service routine overwrite the out of scope memory with ? For many CPUs, maybe for the 6502, it would be the return address from the interrupt service routine - which is slightly different to the originally pushed return address, but still on the same page, which is all that's required. So a little bit of Woz magic perhaps.
However, although I haven't checked the details, I suspect that something much cleverer does make the trick robust. What would the hardware interrupt service routine overwrite the out of scope memory with ? For many CPUs, maybe for the 6502, it would be the return address from the interrupt service routine - which is slightly different to the originally pushed return address, but still on the same page, which is all that's required. So a little bit of Woz magic perhaps.