Apply by doing:
	cd /usr/src
	patch -p0 < 003_tcpinput.patch

Then build and install a new kernel.

Index: sys/netinet/tcp_input.c
===================================================================
RCS file: /cvs/src/sys/netinet/tcp_input.c,v
retrieving revision 1.220
retrieving revision 1.220.2.1
diff -u -p -r1.220 -r1.220.2.1
--- sys/netinet/tcp_input.c	3 Jul 2008 15:46:24 -0000	1.220
+++ sys/netinet/tcp_input.c	5 Nov 2008 23:18:14 -0000	1.220.2.1
@@ -594,11 +594,11 @@ tcp_input(struct mbuf *m, ...)
 	/*
 	 * Locate pcb for segment.
 	 */
-findpcb:
 #if NPF > 0
 	if (m->m_pkthdr.pf.statekey)
 		inp = ((struct pf_state_key *)m->m_pkthdr.pf.statekey)->inp;
 #endif
+findpcb:
 	if (inp == NULL) {
 		switch (af) {
 #ifdef INET6
@@ -1309,6 +1309,7 @@ trimthenstep6:
 			    ((arc4random() & 0x7fffffff) | 0x8000);
 			reuse = &iss;
 			tp = tcp_close(tp);
+			inp = NULL;
 			goto findpcb;
 		}
 	}