diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index dba52a7db5e8..614a557a0814 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -1015,6 +1015,13 @@ static long seccomp_notify_recv(struct seccomp_filter *filter,
 	struct seccomp_notif unotif;
 	ssize_t ret;
 
+	/* Verify that we're not given garbage to keep struct extensible. */
+	ret = check_zeroed_user(buf, sizeof(unotif));
+	if (ret < 0)
+		return ret;
+	if (!ret)
+		return -EINVAL;
+
 	memset(&unotif, 0, sizeof(unotif));
 
 	ret = down_interruptible(&filter->notif->request);