In the Linux kernel, the following vulnerability has been resolved:
NFS: fix an incorrect limit in filelayout_decode_layout()
The sizeof(struct nfs_fh) is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because thats the size of the ->data[] buffer.
I reversed the size of the arguments to put the variable on the left.