From b0b5ab720d9acd1c3520b50fd3c8f68e81c42c8b Mon Sep 17 00:00:00 2001
From: Kernel Build Daemon <kbuild@suse.de>
Date: Apr 12 2024 10:15:39 +0000
Subject: Merge branch 'scripts' into linux-next


---

diff --git a/scripts/check-kernel-fix b/scripts/check-kernel-fix
index 6429f27..cfa9577 100755
--- a/scripts/check-kernel-fix
+++ b/scripts/check-kernel-fix
@@ -375,7 +375,8 @@ if [ -n "$cve" ]
 then
 	bsc=$(cve2bugzilla $cve $refresh)
 	[ -z "$cvss" ] && cvss=$(cve2cvss $cve $refresh)
-	echo "Security fix for $cve $bsc with CVSS ${cvss:-unknown (assuming high impact), re-check later with -r}"
+	echo "Security fix for $cve $bsc with CVSS ${cvss:-unknown, re-check with -r or use -s score if the score is in bugzilla whiteboard}"
+	[ -z "$cvss" ] && exit 1
 else
 	# emulate no CVE fix as CVSS==0. This will typically happen
 	# for upstream commit with Fixes: which we want to target to
diff --git a/scripts/common-functions b/scripts/common-functions
index 161007f..f5b8aee 100644
--- a/scripts/common-functions
+++ b/scripts/common-functions
@@ -68,7 +68,7 @@ cve2sha()
 {
 	local arg=$1
 	local REFRESH=$2
-	sha="$(cd $VULNS_GIT; [ -n "$REFRESH" ] && git pull >/dev/null 2>&1; scripts/cve_search $arg 2>/dev/null | cut -d" " -f7)"
+	sha="$(cd $VULNS_GIT; [ -n "$REFRESH" ] && git pull >/dev/null 2>&1; scripts/cve_search $arg 2>/dev/null | head -n1 | cut -d" " -f7)"
 	
 	if [ $(echo $sha | wc -c) -eq 41 ]
 	then