OK - immune is not technically accurate, but for most people, it's good enough. Note I'm just talking Intel CPU vs AMD CPU here (so ARM, GPU, etc, outscoped).
My assertion is that AMD is immume to the main painful fix (i.e. Meltdown mitigation), and there is negligible impact OS fixes already delivered for the other issues (Spectre). Therefore, if you have AMD, you are good. If you have Intel, then you have some impact for even newest CPUs, and more impact for older CPUs, depending on how much kernel transition activity your workload has.
More detail: there are three vulnerabilities being discussed:
- Rogue Data Cache Load (a.k.a. Meltdown)
- Bounds Check Bypass (a.k.a. Spectre variant 1)
- Branch Target Injection (a.k.a. Spectre variant 2)
For #1, this is Intel but not AMD. Intel is not doing proper security checks on kernel page speculative access, leading to a fairly trivial exploit to access memory outside of your unprivileged user space. The fix is something called Kernel Page Table Isolation, which is a performance penalty on Intel. Why not AMD? Because it respects kernel page table permissions in its speculation code paths, like Intel will have to do from the next generation of CPUs.
For #2 - it's a much broader issue and did indeed impact AMD, but the OS fix is already available and it's negligible impact.
For #3 - AMD states that their architecture is much more resistant to this, and there is a near zero risk of exploit on their CPUs. Plus no research code highlighting this issue has yet been made.
So ... advantage to AMD here, especially with their new CPUs finally being competitive for both desktop and server.
Disclosures: I have no professional association with AMD or Intel, and this is my personal opinion only.
Sources of good reading:
https://www.amd.com/en/corporate/speculative-execution
https://medium.com/@mattklein123/meltdown-spectre-explained-6bc8634cc0c2
