Re: Don't buy a new Intel based system for a while?
"AMD when eBPF JIT is turned on"
While running interpreted out of bound access will be checked and speculative execution will be in the interpreter, not an attacker controlled address. Turning on JIT allows an attacker to craft code that will be compiled to machine code to run potentially without checks. It's a way of weaponising an otherwise unusable kernel exploit.
If enabling JIT does make AMD vulnerable then AMD is vulnerable in that test and you read too much into this. I believe the only test they succeeded with was user to user snooping which is expected to work. The more frightening user to kernel Meltdown blocking claim hasn't been disproved yet.
Biting the hand that feeds IT
