An issue was discovered in edk2. Freed memory was not cleared in some cases, potentially leaking secret information.
Created edk2 tracking bugs for this issue:
Affects: epel-all [bug 1833349]
Affects: fedora-all [bug 1833348]
Marking rhel-7/ovmf and rhel-8/edk2 as notaffected based on https://bugzilla.tianocore.org/show_bug.cgi?id=1611#c9 .
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):