In the Linux kernel, the following vulnerability has been resolved:
NFS: Dont corrupt the value of pg_bytes_written in nfs_do_recoalesce()
The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list.