diff --git a/VERSION-vendor b/VERSION-vendor
index e2b32f26b86e304da142e724c346ecee4b603c4b..6ced26920372e11dc818c3c33ac04fb4f049eed4 100644
--- a/VERSION-vendor
+++ b/VERSION-vendor
@@ -1 +1 @@
-18.09.0.326
+18.09.0.327
diff --git a/docker.spec b/docker.spec
index d1be58c1c1097baf2c800ea622fed7a9338b9f6c..edfab4c9ad75823558c12bcec51ccdafd236842a 100644
--- a/docker.spec
+++ b/docker.spec
@@ -1,6 +1,6 @@
 Name: docker-engine
 Version: 18.09.0
-Release: 326
+Release: 327
 Epoch: 2
 Summary: The open-source application container engine
 Group: Tools/Docker
@@ -227,6 +227,12 @@ fi
 %endif
 
 %changelog
+* Thu Jul 13 2023 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-327
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:sync patches from master
+
 * Wed Jul 12 2023 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-326
 - Type:bugfix
 - CVE:NA
diff --git a/git-commit b/git-commit
index 52bad1db1adc9fae563ed0d2b3b0fb63234b5b30..16e74c2357b2d87730d44b408c20a122694d74c8 100644
--- a/git-commit
+++ b/git-commit
@@ -1 +1 @@
-4fed8ce19beefe47c1d651968f997daa283a4e60
+790275c4cb56cded4863be1b074e2ae2e115aaf1
diff --git a/patch/0259-backport-fix-blockThreshold-full-bug.patch b/patch/0259-backport-fix-blockThreshold-full-bug.patch
new file mode 100644
index 0000000000000000000000000000000000000000..7a8d50753f9ddb1ee5beb067c247e06c0a769903
--- /dev/null
+++ b/patch/0259-backport-fix-blockThreshold-full-bug.patch
@@ -0,0 +1,46 @@
+From dcfe23a0381da232eb427f8616abd8949fb9693e Mon Sep 17 00:00:00 2001
+From: ningmingxiao <ning.mingxiao@zte.com.cn>
+Date: Thu, 30 Dec 2021 23:10:48 +0800
+Subject: [PATCH] fix blockThreshold full bug
+
+Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
+
+---
+ components/engine/pkg/ioutils/bytespipe.go | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/components/engine/pkg/ioutils/bytespipe.go b/components/engine/pkg/ioutils/bytespipe.go
+index d4bbf3c9..e04a5bf5 100644
+--- a/components/engine/pkg/ioutils/bytespipe.go
++++ b/components/engine/pkg/ioutils/bytespipe.go
+@@ -34,6 +34,7 @@ type BytesPipe struct {
+ 	buf      []*fixedBuffer
+ 	bufLen   int
+ 	closeErr error // error to return from next Read. set to nil if not closed.
++	readBlock bool  // check read BytesPipe is Wait() or not
+ }
+ 
+ // NewBytesPipe creates new BytesPipe, initialized by specified slice.
+@@ -86,6 +87,9 @@ loop0:
+ 
+ 		// make sure the buffer doesn't grow too big from this write
+ 		for bp.bufLen >= blockThreshold {
++			if bp.readBlock {
++				bp.wait.Broadcast()
++			}
+ 			bp.wait.Wait()
+ 			if bp.closeErr != nil {
+ 				continue loop0
+@@ -131,7 +135,9 @@ func (bp *BytesPipe) Read(p []byte) (n int, err error) {
+ 			bp.mu.Unlock()
+ 			return 0, bp.closeErr
+ 		}
++		bp.readBlock = true
+ 		bp.wait.Wait()
++		bp.readBlock = false
+ 		if bp.bufLen == 0 && bp.closeErr != nil {
+ 			err := bp.closeErr
+ 			bp.mu.Unlock()
+-- 
+2.23.0
+
diff --git a/patch/0260-docker-repalce-unix.Rmdir-with-os.RemoveAll-when-rem.patch b/patch/0260-docker-repalce-unix.Rmdir-with-os.RemoveAll-when-rem.patch
new file mode 100644
index 0000000000000000000000000000000000000000..f46b328b8163365f90a4f73e3e63d4c45e96cf56
--- /dev/null
+++ b/patch/0260-docker-repalce-unix.Rmdir-with-os.RemoveAll-when-rem.patch
@@ -0,0 +1,38 @@
+From 9f1aa90a8c1b3856c4bb6ec422b8f67ac5afc31e Mon Sep 17 00:00:00 2001
+From: chenjiankun <chenjiankun1@huawei.com>
+Date: Mon, 12 Jun 2023 16:09:06 +0800
+Subject: [PATCH] docker: repalce unix.Rmdir with os.RemoveAll when remove
+ mount point dir
+
+In some cases, there are some files in the mount point dir, so we can't use
+unix.Rmdir to remove mount point dir.
+---
+ components/engine/daemon/graphdriver/devmapper/driver.go | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/components/engine/daemon/graphdriver/devmapper/driver.go b/components/engine/daemon/graphdriver/devmapper/driver.go
+index 3005b84eb..a1a6e17af 100644
+--- a/components/engine/daemon/graphdriver/devmapper/driver.go
++++ b/components/engine/daemon/graphdriver/devmapper/driver.go
+@@ -19,7 +19,6 @@ import (
+ 	"github.com/docker/go-units"
+ 	"github.com/pkg/errors"
+ 	"github.com/sirupsen/logrus"
+-	"golang.org/x/sys/unix"
+ )
+ 
+ func init() {
+@@ -196,7 +195,9 @@ func (d *Driver) Remove(id string) error {
+ 	// mount point is not important and should not be treated
+ 	// as a failure to remove the container.
+ 	mp := path.Join(d.home, "mnt", id)
+-	err := unix.Rmdir(mp)
++	// In some cases, there are some files in the mount point dir, so we can't use
++	// unix.Rmdir to remove mount point dir. os.RemoveAll is more appropriate
++	err := os.RemoveAll(mp)
+ 	if err != nil && !os.IsNotExist(err) {
+ 		logrus.WithField("storage-driver", "devicemapper").Warnf("unable to remove mount point %q: %s", mp, err)
+ 	}
+-- 
+2.23.0
+
diff --git a/series.conf b/series.conf
index e423cbe29f8ee374a4cad1963777e1a377e90919..77aa5b6efee487b2d2f5cb3f8fb91fbf760be843 100644
--- a/series.conf
+++ b/series.conf
@@ -253,4 +253,6 @@ patch/0255-docker-libnet-d-overlay-extract-VNI-match-rule-builder.patch
 patch/0256-docker-libnet-d-overlay-document-some-encryption-code.patch
 patch/0257-docker-libnet-d-overlay-add-BPF-powered-VNI-matcher.patch
 patch/0258-docker-thinpool-full-because-kill-docker-daemon-when.patch
+patch/0259-backport-fix-blockThreshold-full-bug.patch
+patch/0260-docker-repalce-unix.Rmdir-with-os.RemoveAll-when-rem.patch
 #end