diff --git a/include/bluetooth/hci.h b/include/bluetooth/hci.h
index c5532f944b162..4a560eb2082f1 100644
--- a/include/bluetooth/hci.h
+++ b/include/bluetooth/hci.h
@@ -39,9 +39,15 @@ struct bt_hci_evt_hdr {
 #define BT_ACL_START_NO_FLUSH 0x00
 #define BT_ACL_CONT 0x01
 #define BT_ACL_START 0x02
+#define BT_ACL_COMPLETE 0x03
-#define bt_acl_handle(h) ((h) & 0x0fff)
+#define BT_ACL_POINT_TO_POINT 0x00
+#define BT_ACL_BROADCAST 0x01
+
+#define bt_acl_handle(h) ((h) & BIT_MASK(12))
 #define bt_acl_flags(h) ((h) >> 12)
+#define bt_acl_flags_pb(f) ((f) & BIT_MASK(2))
+#define bt_acl_flags_bc(f) ((f) >> 2)
 #define bt_acl_handle_pack(h, f) ((h) | ((f) << 12))
 struct bt_hci_acl_hdr {
diff --git a/subsys/bluetooth/controller/hci/hci.c b/subsys/bluetooth/controller/hci/hci.c
index 2c51f50b828e5..997ed7164aa5f 100644
--- a/subsys/bluetooth/controller/hci/hci.c
+++ b/subsys/bluetooth/controller/hci/hci.c
@@ -2336,11 +2336,24 @@ int hci_acl_handle(struct net_buf *buf, struct net_buf **evt)
 pdu_data = (void *)node_tx->pdu;
- if (flags == BT_ACL_START_NO_FLUSH || flags == BT_ACL_START) {
+ if (bt_acl_flags_bc(flags) != BT_ACL_POINT_TO_POINT) {
+ return -EINVAL;
+ }
+
+ switch (bt_acl_flags_pb(flags)) {
+ case BT_ACL_START_NO_FLUSH:
 pdu_data->ll_id = PDU_DATA_LLID_DATA_START;
- } else {
+ break;
+ case BT_ACL_CONT:
 pdu_data->ll_id = PDU_DATA_LLID_DATA_CONTINUE;
+ break;
+ default:
+ /* BT_ACL_START and BT_ACL_COMPLETE not allowed on LE-U
+ * from Host to Controller
+ */
+ return -EINVAL;
 }
+
 pdu_data->len = len;
 memcpy(&pdu_data->lldata[0], buf->data, len);
diff --git a/subsys/bluetooth/host/conn.c b/subsys/bluetooth/host/conn.c
index e9c0c6010cef5..a4a2634016c79 100644
--- a/subsys/bluetooth/host/conn.c
+++ b/subsys/bluetooth/host/conn.c
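Review bot: In include/bluetooth/hci.h, `bt_acl_flags_bc(f)` is the only new accessor that does not mask its result, so any bits above the 4-bit flags field in `f` end up in the broadcast value. That is harmless for values produced by `bt_acl_flags()` on a 16-bit handle field, but masking removes the dependency on the caller: `#define bt_acl_flags_bc(f) (((f) >> 2) & BIT_MASK(2))`. A one-line comment separating the packet-boundary values (`BT_ACL_START_NO_FLUSH` to `BT_ACL_COMPLETE`) from the broadcast values (`BT_ACL_POINT_TO_POINT`, `BT_ACL_BROADCAST`) would also help. The header now relies on `BIT_MASK`, and no include for it is visible in this hunk.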
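Review bot: In subsys/bluetooth/controller/hci/hci.c, both new `return -EINVAL;` paths in hci_acl_handle() come after `pdu_data = (void *)node_tx->pdu;`, so node_tx has already been obtained when a packet with rejected flags is dropped. The acquisition is outside this hunk, but if node_tx comes from a finite Tx pool and the caller does not release it on error, each rejected packet leaks one node, and a host that keeps sending unsupported flags can drain the pool. Checking `bt_acl_flags_bc(flags)` and `bt_acl_flags_pb(flags)` before node_tx is acquired, and keeping only the ll_id assignment here, avoids that; otherwise the node should be released on both error paths. The function body starts and ends outside the hunk.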
@@ -1168,6 +1168,10 @@ void bt_conn_recv(struct bt_conn *conn, struct net_buf *buf, u8_t flags)
 break;
 default:
+ /* BT_ACL_START_NO_FLUSH and BT_ACL_COMPLETE are not allowed on
+ * LE-U from Controller to Host.
+ * Only BT_ACL_POINT_TO_POINT is supported.
+ */
 BT_ERR("Unexpected ACL flags (0x%02x)", flags);
 bt_conn_reset_rx_state(conn);
 net_buf_unref(buf);
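Review bot: The new comment in bt_conn_recv() says only BT_ACL_POINT_TO_POINT is supported, but nothing in this hunk checks the broadcast bits. The claim holds only if the switch, whose head is outside the hunk, matches on the full 4-bit flags value so that any non-zero broadcast flag falls into `default`. Using the new helpers as the controller side does, `if (bt_acl_flags_bc(flags) != BT_ACL_POINT_TO_POINT)` followed by a switch on `bt_acl_flags_pb(flags)`, would state the rule in code rather than leave it implied by the case values.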