This exploits the speculation that the CPU does to speed things up:
L1TF is a speculative execution side channel cache timing vulnerability. In this regard, it is similar to previously reported variants. There are three varieties of L1TF that have been identified. Each variety of L1TF could potentially allow unauthorized disclosure of information residing in the L1 data cache, a small pool of memory within each processor core designed to store information about what the processor core is most likely to do next.
This one is particularly bad if you run clouds and virtual servers.
Here is a good explanation by Redhat