diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index e360b51f95c8af3149d289cb09ff1dfd6e2cc61d..c8a66a888f65581e55c56a34f76c1a790955d17c 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -967,6 +967,8 @@ static void udp_v6_flush_pending_frames(struct sock *sk)
 static int udpv6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
 			     int addr_len)
 {
+	if (addr_len < offsetofend(struct sockaddr, sa_family))
+		return -EINVAL;
 	/* The following checks are replicated from __ip6_datagram_connect()
 	 * and intended to prevent BPF program called below from accessing
 	 * bytes that are out of the bound specified by user in addr_len.