How are UDP datagrams that don't have me as a recipient reaching my server?

I could be wrong, but the only way I can think of for a datagram to reach your computer when the layer 3 address doesn't match is if the layer 2 address is manually resolved on the sender and the sender is on the same layer 2 segment. If this is true, you should be able to identify the sender by the layer 2 source address in that packet capture. I suppose it's also possible that the layer 3 device (router or firewall) that does sit on your layer 2 segment could be compromised or misconfigured to result in the improper resolution of that layer 3 address to your layer 2 address.

In either case, go after the sender as identified by their MAC address.

What netmask is your network using? If it's /24, you're likely seeing someone else's traffic because their destination address isn't in the switch's CAM table. If a switch doesn't know which port a device is on it will send traffic destined to that device out every port.

Is this an attack? Not sure. The fact that the source and destination port numbers are 0 along with the UDP length error looks odd. Maybe someone is trying to see if 208.69.57.21 is vulnerable to MS11-083/CVE-2011-2013.

Unless you have an atypical network, there are no rules to prevent a packet from getting switched to machines other than its destination. The Ethernet layer has no idea what IP address the packets are bound for, so it cannot reliably filter them by IP. It filters by Ethernet hardware address, but it doesn't always know for sure which port is associated with an Ethernet hardware address. So some packets do get flooded to all switched ports.

These do appear to be corrupt though.

Any chance that your host is a virtual private server? Maybe these datagrams are destined for another container that shares the same NIC with your node. (...and for some reason your NIC is in promiscuous mode)

This would be a UDP Flood attack, if the datagrams weren't corrupted and were destined for random ports.