{"document":{"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en-US","publisher":{"category":"vendor","contact_details":"product-security@kunbus.com","issuing_authority":"KUNBUS GmbH develops and produces the Revolution Pi Family, Revolution Pi OS and the extension modules for RevPi amongst others. KUNBUS PSIRT is responsible for vulnerability handling across all KUNBUS products and services.","name":"KUNBUS PSIRT","namespace":"https://www.kunbus.com"},"title":"Dangerous default file permissions","notes":[{"category":"legal_disclaimer","text":"THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. KUNBUS RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.","title":"Legal Disclaimer"}],"tracking":{"generator":{"date":"2025-06-06T13:07:54.688Z","engine":{"version":"1.0.0","name":"csaf-cms-backend"}},"version":"1.0.0","status":"final","revision_history":[{"date":"2025-06-06T13:08:50.043636831Z","number":"1.0.0","summary":"Initial Publication"}],"current_release_date":"2025-06-06T13:08:50.043636831Z","id":"Kunbus-2025-0000004","initial_release_date":"2025-06-06T13:08:50.043636831Z"},"aggregate_severity":{"text":"Medium"},"references":[{"url":"https://www.kunbus.com/en/productsecurity/Kunbus-2025-0000004","summary":"HTML Version"},{"category":"self","summary":"URL generated by system","url":"https://psirt.kunbus.com/.well-known/csaf/white/2025/kunbus-2025-0000004.json"}]},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"04/2025","product":{"name":"Revolution Pi Revolution Pi OS Bullseye 04/2025","product_id":"CSAFPID-0003"}},{"category":"product_version","name":"05/2025","product":{"name":"Revolution 
Pi Revolution Pi OS Bullseye 05/2025","product_id":"CSAFPID-0001"}}],"category":"product_name","name":"Revolution Pi OS Bullseye"}],"category":"product_family","name":"Revolution Pi"}]},"vulnerabilities":[{"notes":[{"category":"details","title":"Details","text":"During the image build process, a few files were added with overly permissive file permissions. The affected files are:\n/etc/default/keyboard, /etc/default/locale, /etc/hosts, /etc/locale.gen, /etc/timezones, /etc/apt/sources.list, /etc/apt/sources.list.d/raspi.sources, /usr/share/keyrings/raspberrypi-archive-keyring.gpg\n\nThis would allow a locally authenticated attacker to alter package repositories and change package signing keys, as well as change the timezone, locale and similar settings."}],"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L","baseScore":6.6,"baseSeverity":"MEDIUM","temporalScore":6.6,"temporalSeverity":"MEDIUM","environmentalScore":6.6,"environmentalSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"products":["CSAFPID-0003"]}],"remediations":[{"details":"Update to Bookworm Image 05/2025.","date":"2025-06-02T10:00:00.000Z","category":"vendor_fix","product_ids":["CSAFPID-0003"],"url":"https://revolutionpi.com/en/support/downloads"},{"category":"vendor_fix","details":"Install the package revpi-base-files in version 1.1.1-1+deb12+2. 
This fixes all file permissions.","date":"2025-06-02T10:00:00.000Z","product_ids":["CSAFPID-0003"],"url":"https://packages.revolutionpi.de/pool/main/r/revpi-base-files/revpi-base-files_1.1.1-1+deb12+2_all.deb"},{"category":"mitigation","date":"2025-05-28T10:00:00.000Z","details":"Change the file permissions of the following files to 644.\n/etc/default/keyboard, /etc/default/locale, /etc/hosts, /etc/locale.gen, /etc/timezones, /etc/apt/sources.list, /etc/apt/sources.list.d/raspi.sources, /usr/share/keyrings/raspberrypi-archive-keyring.gpg","product_ids":["CSAFPID-0003"]}],"product_status":{"known_affected":["CSAFPID-0003"],"fixed":["CSAFPID-0001"],"recommended":["CSAFPID-0001"]},"cwe":{"id":"CWE-276","name":"Incorrect Default Permissions"}}]}