FLUSH+RELOAD is a classic L3 cache side-channel attack that exploits the shared cache hierarchy in modern processors to leak sensitive information across security boundaries. Originally published in 2014, the technique uses a simple probe pattern: flush a cache line, wait for the victim to access it, then reload to measure access time. The high resolution and low noise of this method make it particularly dangerous in cloud environments where multiple tenants share physical hardware. Despite hardware countermeasures like Intel's Cache Allocation Technology (CAT) and AMD's SEV, FLUSH+RELOAD variants continue to be effective in many real-world scenarios. This retrospective analysis examines why the attack remains relevant, how it has evolved with new microarchitectures, and what mitigations are still needed. For security engineers and cloud architects, understanding FLUSH+RELOAD is essential for designing robust isolation mechanisms. The post also discusses recent research that combines FLUSH+RELOAD with other primitives for more sophisticated attacks, emphasizing that cache side-channels are not a solved problem.
This post discusses the FLUSH+RELOAD cache side-channel attack, a high-resolution method to leak sensitive data from L3 caches. Despite being over a decade old, the technique remains relevant for cloud security and multi-tenant system isolation. The analysis highlights its low-noise characteristics and practical implications for modern hardware defenses.
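The reload step of the probe pattern described above only works because a cached line and a flushed line differ measurably in load latency. The following added example (not code from the original post) measures that gap on a buffer the process itself owns, which is also how a defender can check how distinguishable hits and misses are on a given host. It assumes x86-64 with GCC or Clang; `probe_line`, `time_load` and `median_reload_cycles` are names chosen for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <x86intrin.h>  /* _mm_clflush, _mm_mfence, _mm_lfence, __rdtscp (x86 only) */

#define SAMPLES 1001

/* Constructed probe target: one cache line owned by this process, not shared memory. */
static uint8_t probe_line[64] __attribute__((aligned(64)));

/* Time a single load in TSC cycles; fences keep the load inside the timed window. */
static uint64_t time_load(volatile uint8_t *addr) {
    unsigned aux;
    _mm_mfence();                     /* earlier flush and stores complete first */
    uint64_t start = __rdtscp(&aux);
    _mm_lfence();
    uint8_t v = *addr;                /* the "reload" */
    uint64_t end = __rdtscp(&aux);
    _mm_lfence();
    (void)v;
    return end - start;
}

static int cmp_u64(const void *a, const void *b) {
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

/* Median reload latency over SAMPLES rounds.
 * flush_first = 1: line is flushed before the reload (models "nobody touched it").
 * flush_first = 0: line is still cached at reload time (models "it was accessed"). */
uint64_t median_reload_cycles(int flush_first) {
    static uint64_t t[SAMPLES];
    volatile uint8_t *p = probe_line;
    for (int i = 0; i < SAMPLES; i++) {
        uint8_t warm = *p;            /* bring the line into the cache */
        (void)warm;
        if (flush_first) _mm_clflush(probe_line);
        t[i] = time_load(p);
    }
    qsort(t, SAMPLES, sizeof t[0], cmp_u64);
    return t[SAMPLES / 2];
}

int main(void) {
    uint64_t hit = median_reload_cycles(0), miss = median_reload_cycles(1);
    printf("cached reload: %llu cycles, flushed reload: %llu cycles\n",
           (unsigned long long)hit, (unsigned long long)miss);
    printf("hit/miss threshold (midpoint): %llu cycles\n",
           (unsigned long long)((hit + miss) / 2));
    return 0;
}
```

The wider the gap between the two medians, the less noise the channel has to overcome; a mitigation that is working as intended should shrink or hide that gap for memory shared across a security boundary.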