diff --git a/virtcontainers/api.go b/virtcontainers/api.go
index cdbfb1ad10..8605b978f4 100644
--- a/virtcontainers/api.go
+++ b/virtcontainers/api.go
@@ -108,6 +108,8 @@ func createSandboxFromConfig(ctx context.Context, sandboxConfig SandboxConfig, f
 		}
 	}()
 
+	s.postCreatedNetwork()
+
 	if err = s.getAndStoreGuestDetails(); err != nil {
 		return nil, err
 	}
diff --git a/virtcontainers/network.go b/virtcontainers/network.go
index ff7dd26935..2f0900a8e7 100644
--- a/virtcontainers/network.go
+++ b/virtcontainers/network.go
@@ -1437,6 +1437,32 @@ func (n *Network) Add(ctx context.Context, config *NetworkConfig, hypervisor hyp
 	return endpoints, nil
 }
 
+func (n *Network) PostAdd(ctx context.Context, ns *NetworkNamespace, hotplug bool) error {
+	if hotplug {
+		return nil
+	}
+
+	if ns.Endpoints == nil {
+		return nil
+	}
+
+	endpoints := ns.Endpoints
+
+	for _, endpoint := range endpoints {
+		netPair := endpoint.NetworkPair()
+		if netPair == nil {
+			continue
+		}
+		if netPair.VhostFds != nil {
+			for _, VhostFd := range netPair.VhostFds {
+				VhostFd.Close()
+			}
+		}
+	}
+
+	return nil
+}
+
 // Remove network endpoints in the network namespace. It also deletes the network
 // namespace in case the namespace has been created by us.
 func (n *Network) Remove(ctx context.Context, ns *NetworkNamespace, hypervisor hypervisor, hotunplug bool) error {
diff --git a/virtcontainers/qemu.go b/virtcontainers/qemu.go
index 1217dfc32b..c549099026 100644
--- a/virtcontainers/qemu.go
+++ b/virtcontainers/qemu.go
@@ -1027,6 +1027,7 @@ func (q *qemu) hotAddNetDevice(name, hardAddr string, VMFds, VhostFds []*os.File
 		if err := q.qmpMonitorCh.qmp.ExecuteGetFD(q.qmpMonitorCh.ctx, fdName, VhostFd); err != nil {
 			return err
 		}
+		VhostFd.Close()
 		VhostFdNames = append(VhostFdNames, fdName)
 	}
 	return q.qmpMonitorCh.qmp.ExecuteNetdevAddByFds(q.qmpMonitorCh.ctx, "tap", name, VMFdNames, VhostFdNames)
diff --git a/virtcontainers/sandbox.go b/virtcontainers/sandbox.go
index 18ed78c10b..93fa306056 100644
--- a/virtcontainers/sandbox.go
+++ b/virtcontainers/sandbox.go
@@ -839,6 +839,11 @@ func (s *Sandbox) createNetwork() error {
 	return s.store.Store(store.Network, s.networkNS)
 }
 
+func (s *Sandbox) postCreatedNetwork() error {
+
+	return s.network.PostAdd(s.ctx, &s.networkNS, s.factory != nil)
+}
+
 func (s *Sandbox) removeNetwork() error {
 	span, _ := s.trace("removeNetwork")
 	defer span.Finish()