diff --git a/[refs] b/[refs]
index 2222fe49f4a4..e62937362580 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 2017a72c070033830b460d31cd4703f9d2ec0d56
+refs/heads/master: 95a02cfd4d33886c166d4a5f309120f8d32ced58
diff --git a/trunk/net/ipv6/esp6.c b/trunk/net/ipv6/esp6.c
index 7db66f10e00d..444053254676 100644
--- a/trunk/net/ipv6/esp6.c
+++ b/trunk/net/ipv6/esp6.c
@@ -230,6 +230,12 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
 }
 /* ... check padding bits here. Silly. :-) */
 
+ /* RFC4303: Drop dummy packets without any error */
+ if (nexthdr[1] == IPPROTO_NONE) {
+ ret = -EINVAL;
+ goto out;
+ }
+
 pskb_trim(skb, skb->len - alen - padlen - 2);
 ret = nexthdr[1];
 }
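Review bot: The comment on the added check in esp6_input says the dummy packet is dropped "without any error", but the branch sets `ret = -EINVAL`, so the code and its comment disagree. If the caller counts negative returns as input errors (not visible in this hunk), routine traffic-flow-confidentiality dummies would be recorded like malformed packets and make real decapsulation failures harder to pick out of the counters. Either use a return the caller can treat as a silent discard, or make the comment say what the value means, e.g. `/* RFC4303 2.6: dummy packet (next header 59), discard; the negative return is not a protocol error */`. esp6_input begins and ends outside the hunk, so it cannot be confirmed from here that this check runs only after the integrity check has passed, which is worth verifying before trusting `nexthdr[1]`.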