I think, I've identified the possible source for this issue Source:
/* Take into account only number of whole bytes */
uint32_t rx_data_size = ((NRF_NFCT->RXD.AMOUNT ...) - NFC_CRC_SIZE;
In some cases
NRF_NFCT->RXD.AMOUNT is 0.
0 - NFC_CRC_SIZE with unsigned datatype results in a very large number.
Btw: I also don't like that nordic is accessing data from this buffer without verifying, that the received amount of data makes some sense:
if(m_nfc_rx_buffer == NFC_SLP_REQ_CMD)