Lukas

**Name of the Vulnerable Software and Affected Versions:** Linux kernel (affected versions not specified) **Description:** A flaw exists in the Linux kernel related to PCI link speed calculation during retrain failures. Specifically, when `pcie failed link retrain()` fails to retrain a link, it attempts to revert to the previous link speed. However, the calculation of this speed from the Link Control 2 register does not properly mask out non-speed bits, leading to an incorrect speed value being determined as PCI SPEED UNKNOWN (0xff). This results in a warning message and potential issues with downstream link functionality. The issue occurs due to an incorrect conversion of values in `PCIE LNKCTL2 TLS2SPEED()` and `PCIE LNKCAP SLS2SPEED()`. **Recommendations:** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18 iPadOS versions prior to 18 **Description** A permissions issue was addressed by removing vulnerable code and adding additional checks. Password autofill may fill in passwords after failing authentication. **Recommendations** For iOS versions prior to 18, update to iOS 18 to resolve the issue. For iPadOS versions prior to 18, update to iPadOS 18 to resolve the issue.