SynopsisThe remote Amazon Linux 2 host is missing a security update.
DescriptionIf the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.(CVE-2018-1122)
SolutionRun 'yum update procps-ng' to update your system.