diff --git a/debian/changelog b/debian/changelog
index c5aef53d0..e898ce3d2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ linux (4.8.4-1~exp2) UNRELEASED; urgency=medium
   * [armhf] dts: imx53: add support for USB armory board (Closes: #840137)
   * kconfig: Renumber SYMBOL_NEW, fixing regression of allnoconfig
     (Closes: #841357)
+  * netfilter: xt_NFLOG: fix unexpected truncated packet (Closes: #841261)
 
   [ Salvatore Bonaccorso ]
   * [x86] boot/smp: Don't try to poke disabled/non-existent APIC
diff --git a/debian/patches/bugfix/all/netfilter-xt_nflog-fix-unexpected-truncated-packet.patch b/debian/patches/bugfix/all/netfilter-xt_nflog-fix-unexpected-truncated-packet.patch
new file mode 100644
index 000000000..8b2ac7fc8
--- /dev/null
+++ b/debian/patches/bugfix/all/netfilter-xt_nflog-fix-unexpected-truncated-packet.patch
@@ -0,0 +1,36 @@
+From: Liping Zhang <liping.zhang@spreadtrum.com>
+Date: Tue, 11 Oct 2016 21:03:45 +0800
+Subject: netfilter: xt_NFLOG: fix unexpected truncated packet
+Origin: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=6d19375b58763fefc2f215fb45117d3353ced888
+Bug-Debian: https://bugs.debian.org/841261
+
+Justin and Chris spotted that iptables NFLOG target was broken when they
+upgraded the kernel to 4.8: "ulogd-2.0.5- IPs are no longer logged" or
+"results in segfaults in ulogd-2.0.5".
+
+Because "struct nf_loginfo li;" is a local variable, and flags will be
+filled with garbage value, not inited to zero. So if it contains 0x1,
+packets will not be logged to the userspace anymore.
+
+Fixes: 7643507fe8b5 ("netfilter: xt_NFLOG: nflog-range does not truncate packets")
+Reported-by: Justin Piszcz <jpiszcz@lucidpixels.com>
+Reported-by: Chris Caputo <ccaputo@alt.net>
+Tested-by: Chris Caputo <ccaputo@alt.net>
+Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+---
+ net/netfilter/xt_NFLOG.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/net/netfilter/xt_NFLOG.c b/net/netfilter/xt_NFLOG.c
+index 018eed7e1ff1..8668a5c18dc3 100644
+--- a/net/netfilter/xt_NFLOG.c
++++ b/net/netfilter/xt_NFLOG.c
+@@ -32,6 +32,7 @@ nflog_tg(struct sk_buff *skb, const struct xt_action_param *par)
+ 	li.u.ulog.copy_len   = info->len;
+ 	li.u.ulog.group	     = info->group;
+ 	li.u.ulog.qthreshold = info->threshold;
++	li.u.ulog.flags	     = 0;
+ 
+ 	if (info->flags & XT_NFLOG_F_COPY_LEN)
+ 		li.u.ulog.flags |= NF_LOG_F_COPY_LEN;
diff --git a/debian/patches/series b/debian/patches/series
index a52dfd790..977ccaf89 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -65,6 +65,7 @@ bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch
 bugfix/all/kbuild-do-not-use-hyphen-in-exported-variable-name.patch
 bugfix/all/ext4-fix-bug-838544.patch
 bugfix/all/mm-memcontrol-use-special-workqueue-for-creating-per-memcg-caches.patch
+bugfix/all/netfilter-xt_nflog-fix-unexpected-truncated-packet.patch
 
 # Miscellaneous features