diff --git a/changes/bug26072 b/changes/bug26072
new file mode 100644
index 000000000..2489e4fbb
--- /dev/null
+++ b/changes/bug26072
@@ -0,0 +1,5 @@
+ o Minor bugfixes (correctness, client):
+ - Upon receiving a malformed connected cell, stop processing the cell
+ immediately. Previously we would mark the connection for close, but
+ continue processing the cell as if the connection were open. Fixes bug
+ 26072; bugfix on 0.2.4.7-alpha.
diff --git a/src/or/relay.c b/src/or/relay.c
index 275746ac9..defbf63b7 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -1455,6 +1455,7 @@ connection_edge_process_relay_cell_not_open(
 "Got a badly formatted connected cell. Closing.");
 connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
 connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_TORPROTOCOL);
+ return 0;
 }
 if (tor_addr_family(&addr) != AF_UNSPEC) {
 const sa_family_t family = tor_addr_family(&addr);
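Review bot: The added `return 0;` in src/or/relay.c carries no comment, so nothing at the call site records why the early exit is required or why it reports 0 rather than an error. The statement right after the block calls `tor_addr_family(&addr)`, so before this change the rejected cell's `addr` was presumably still consulted after the stream had been ended and marked. I would put `/* Stream is ended and marked; addr is not valid after a failed parse, so stop here. */` above the return. Whether 0 is the right value depends on how the caller treats the result, which is outside this hunk, as are the start and end of the function. A regression test that feeds a malformed connected cell and checks that no later step runs would keep this guard from being dropped in a refactor.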