diff --git a/containerd.spec b/containerd.spec
index a43c583e630d80819ec42cdb23633b18bd716185..e792dda9b0fc999572ec65176c2d1f41d0208f29 100644
--- a/containerd.spec
+++ b/containerd.spec
@@ -2,7 +2,7 @@
 %global debug_package %{nil}
 Version:        1.2.0
 Name:           containerd
-Release:        210
+Release:        211
 Summary:        An industry-standard container runtime
 License:        ASL 2.0
 URL:            https://containerd.io
@@ -44,6 +44,12 @@ install -p -m 755 bin/ctr $RPM_BUILD_ROOT/%{_bindir}/ctr
 %{_bindir}/ctr
 
 %changelog
+* Sat Aug 26 2023 chenjiankun<chenjiankun1@huawei.com> - 1.2.0-211
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:remove socket file when get file fd failed
+
 * Fri Jun 16 2023 zhongjiawei<zhongjiawei1@huawei.com> - 1.2.0-210
 - Type:bugfix
 - ID:NA
diff --git a/patch/0098-containerd-remove-socket-file-when-get-file-fd-failed.patch b/patch/0098-containerd-remove-socket-file-when-get-file-fd-failed.patch
new file mode 100644
index 0000000000000000000000000000000000000000..216c1989758ec54c25cf1e301f55631efb56fa57
--- /dev/null
+++ b/patch/0098-containerd-remove-socket-file-when-get-file-fd-failed.patch
@@ -0,0 +1,27 @@
+From 5c23af4ebbb9161f776833694270d5c08bd4b8df Mon Sep 17 00:00:00 2001
+From: chenjiankun <chenjiankun1@huawei.com>
+Date: Thu, 27 Jul 2023 15:31:32 +0800
+Subject: [PATCH] docker: remove socket file when get file fd failed
+
+if socket.File() return error, then the socket file will be left over.
+---
+ runtime/v1/shim/client/client.go | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/runtime/v1/shim/client/client.go b/runtime/v1/shim/client/client.go
+index c5a9bba..4c134c2 100644
+--- a/runtime/v1/shim/client/client.go
++++ b/runtime/v1/shim/client/client.go
+@@ -71,6 +71,9 @@ func WithStart(binary, address, daemonAddress, cgroup string, debug bool, exitHa
+ 
+ 		f, err := socket.File()
+ 		if err != nil {
++			if err1 := RemoveSocket(address); err1 != nil {
++				logrus.Warningf("failed to remove socket %s: %w", address, err1)
++			}
+ 			return nil, nil, errors.Wrapf(err, "failed to get fd for socket %s", address)
+ 		}
+ 		defer f.Close()
+-- 
+2.33.0
+
diff --git a/series.conf b/series.conf
index e46be8bb6fe1976b64e13cbafed69112735b09ef..94d505c898ca18db02227f44dafd33783313b438 100644
--- a/series.conf
+++ b/series.conf
@@ -99,3 +99,4 @@ patch/0094-containerd-Fix-goroutine-leak-in-Exec.patch
 patch/0095-oci-fix-additional-GIDs.patch
 patch/0096-importer-stream-oci-layout-and-manifest.json.patch
 patch/0097-containerd-fix-journald-stop-container-shim-log-stuc.patch
+patch/0098-containerd-remove-socket-file-when-get-file-fd-failed.patch