In the Linux kernel, the following vulnerability has been resolved:
NFS: fix an incorrect limit in filelayoutdecodelayout()
The "sizeof(struct nfsfh)" is two bytes too large and could lead to memory corruption. It should be NFSMAXFHSIZE because that's the size of the ->data[] buffer.
I reversed the size of the arguments to put the variable on the left.