diff --git a/CHANGES b/CHANGES
index 0b211b353a..f5c859d8f9 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5763.	[bug]		Fix a bug in DoT code leading to an abort when
+			a zone transfer ends with an unexpected DNS message.
+			[GL #3004]
+
 5762.	[bug]		Fix a "named" crash related to removing and restoring a
 			`catalog-zone` entry in the configuration file and
 			running `rndc reconfig`. [GL #1608]
diff --git a/lib/isc/netmgr/tcpdns.c b/lib/isc/netmgr/tcpdns.c
index fb8308d6db..5fed46018f 100644
--- a/lib/isc/netmgr/tcpdns.c
+++ b/lib/isc/netmgr/tcpdns.c
@@ -774,6 +774,23 @@ isc__nm_tcpdns_processbuffer(isc_nmsocket_t *sock) {
 		return (ISC_R_NOMORE);
 	}
 
+	if (sock->recv_cb == NULL) {
+		/*
+		 * recv_cb has been cleared - there is
+		 * nothing to do
+		 */
+		return (ISC_R_CANCELED);
+	} else if (sock->statichandle == NULL &&
+		   atomic_load(&sock->connected) &&
+		   !atomic_load(&sock->connecting))
+	{
+		/*
+		 * It seems that some unexpected data (a DNS message) has
+		 * arrived while we are wrapping up.
+		 */
+		return (ISC_R_CANCELED);
+	}
+
 	req = isc__nm_get_read_req(sock, NULL);
 	REQUIRE(VALID_UVREQ(req));
 
diff --git a/lib/isc/netmgr/tlsdns.c b/lib/isc/netmgr/tlsdns.c
index 27895aa716..700874d28e 100644
--- a/lib/isc/netmgr/tlsdns.c
+++ b/lib/isc/netmgr/tlsdns.c
@@ -937,8 +937,20 @@ isc__nm_tlsdns_processbuffer(isc_nmsocket_t *sock) {
 	}
 
 	if (sock->recv_cb == NULL) {
-		/* recv_cb has been cleared - there is
-		 * nothing to do */
+		/*
+		 * recv_cb has been cleared - there is
+		 * nothing to do
+		 */
+		return (ISC_R_CANCELED);
+	} else if (sock->statichandle == NULL &&
+		   sock->tls.state == TLS_STATE_IO &&
+		   atomic_load(&sock->connected) &&
+		   !atomic_load(&sock->connecting))
+	{
+		/*
+		 * It seems that some unexpected data (a DNS message) has
+		 * arrived while we are wrapping up.
+		 */
 		return (ISC_R_CANCELED);
 	}