Created attachment 225222 [details]
patch: git diff file
FreeBSD is vulnerable to CVE-2020-26144 of the "FragAttacks" findings. For background see Section 6.5 in https://papers.mathyvanhoef.com/usenix2021.pdf
This vulnerability can be reproduced using the FragAttack test tool at https://github.com/vanhoefm/fragattacks with the test case "eapol-amsdu-bad I,P" (the injected ping request should be rejected by the kernel).
The attached patches fixes this vulnerability. It was tested using a Belkin F5D8053 (run driver) in client mode.
And lastly this one is at https://reviews.freebsd.org/D30665 .
For this one I did add "else eh = NULL" initializations; I am not sure why there were no warnings turned into errors.