Bug ID: 1651520 (CVE-2020-15668) Summary: ThreadSanitizer: data race [ @ NSC_GetTokenInfo] vs. [ @ NSC_CloseSession] Status: Closed, RESOLVED FIXED Product & Component: NSS > Libraries Priority & Severity: P1, S2 Platform: Mozilla NSS version 3.55 Tracking Flags: - firefox-esr68: wontfix - firefox-esr78: wontfix - firefox78: wontfix - firefox79: wontfix - firefox80: fixed Attachments: - Detailed Crash Information - Bug 1651520 - slotLock race in NSC_GetTokenInfo r?jjacobs Comments: - The bug affects the function, which doesn't lock before accessing it, causing a data race. - This was detected by ThreadSanitizer and reported as a potential security issue. - An attached patch was provided (https://hg.mozilla.org/projects/nss/rev/58c2abd7404eee86503e53be6d401297150f2ce3). References: - Issue blocks 1 open bug (not detailed in the text, so unclear which bug it is).