Hi Joshua
The article mentions that the attackers will inject TCP SYN or RST messages, on ongoing TCP connections, that will look as legitimate packets from those TCP streams (including sequence numbers becuase they were already guessed by the attackers.)
If this is the case, if the attacker sends a RST, the SRX will reset the connection and close the TCP session becasue it looks like a legitimate RST message from the source. Now, If the attacker sends a SYN message, the SRX will notice that there is an already exisiting session that matches the characteristics of this packet and will drop the new packet becuase this packet is trying to create a new session but there is already an ongoing one.
I believe the TCP checks mentioned in above posts are for different scenarios.