CVE-2026-53177

In the Linux kernel, the following vulnerability has been resolved:

bnxt en: Fix NULL pointer dereference

PCIe errors detected by a Root Port or Downstream Port cause error recovery services to run on all subordinate devices regardless of administrative state.

The .error detected() callback, bnxt io error detected(), disables and synchronizes IRQs via bnxt disable int sync(), which calls bnxt cp num to irq num() to map completion rings to IRQs using bp->bnapi.

Since bp->bnapi is allocated on NIC open and freed on NIC close, PCIe error recovery on a closed NIC can dereference a NULL pointer.

Check if bp->bnapi is NULL before disabling and synchronizing IRQs.