The trick derandomizes ASLR by exploiting hardware behaviour that is critical to efficient code execution. It's not dependent on specific software and 22 microarchitectures from Intel, AMD and ARM were found vulnerable.
In this paper, we show that the problem is much more serious and that ASLR is fundamentally insecure on modern cache-based architectures. Specifically, we show that it is possible to derandomize ASLR completely from JavaScript, without resorting to esoteric operating system or application features. Unlike all previous approaches, we do not abuse weaknesses in the software (that are relatively easy to fix). Instead, our attack builds on hardware behavior that is central to efficient code execution: the fast translation of virtual to physical addresses in the MMU by means of page tables. As a result, all fixes to our attacks (e.g., naively disabling caching) are likely too costly in performance to be practical. To our knowledge, this is the first attack that side-channels the MMU and also the very first cache attack that targets a victim hardware rather than software component.More details about the ASLR Cache can be read at ARS Technica. The researchers conclude there is no easy way to fix this as architectural fixes are likely to be too costly in terms of performance to be practical, and new hardware-based mitigation techniques may cause the vulnerability to resurface in software. Disabling JavaScript does the trick but that also cripples most modern websites.