diff --git a/libvirt-qemu_hotplug-Fix-crash-when-attaching-network-inteface-with-hostdev-network.patch b/libvirt-qemu_hotplug-Fix-crash-when-attaching-network-inteface-with-hostdev-network.patch
new file mode 100644
index 0000000..3d60a47
--- /dev/null
+++ b/libvirt-qemu_hotplug-Fix-crash-when-attaching-network-inteface-with-hostdev-network.patch
@@ -0,0 +1,96 @@
+From dcfd8bc0e1ec0977e6911f5f566d9b1d1d27d310 Mon Sep 17 00:00:00 2001
+Message-ID: <dcfd8bc0e1ec0977e6911f5f566d9b1d1d27d310.1773154901.git.jdenemar@redhat.com>
+From: Pavel Hrdina <phrdina@redhat.com>
+Date: Tue, 10 Mar 2026 09:34:48 +0100
+Subject: [PATCH] qemu_hotplug: Fix crash when attaching network inteface with
+ hostdev network
+
+The following interface XML will crash libvirt when attached to
+running VM:
+
+  <interface type='network'>
+    <source network='hostdev_net'/>
+  </interface>
+
+Instead of trying to figure out every single place where hostdev is used
+as struct directly and allocating empty private data check if iommufd
+is configured as that will happen only for <hostdev> device where the
+private data are correctly allocated.
+
+This patch is best viewed with `git show -w`.
+
+Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
+Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
+(cherry picked from commit 25662b3700da9c32b5083d46ff3831aa4afc2eab)
+
+Resolves: https://issues.redhat.com/browse/RHEL-151953
+
+Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
+---
+ src/qemu/qemu_hotplug.c | 37 +++++++++++++++++++++----------------
+ 1 file changed, 21 insertions(+), 16 deletions(-)
+
+diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
+index bb88815e27..845f42bf20 100644
+--- a/src/qemu/qemu_hotplug.c
++++ b/src/qemu/qemu_hotplug.c
+@@ -1638,20 +1638,23 @@ qemuDomainAttachHostPCIDevice(virQEMUDriver *driver,
+ 
+     qemuDomainObjEnterMonitor(vm);
+ 
+-    if (objprops) {
+-        if ((ret = qemuFDPassDirectTransferMonitor(priv->iommufd, priv->mon)) < 0)
+-            goto exit_monitor;
+ 
+-        if ((ret = qemuMonitorAddObject(priv->mon, &objprops, NULL)) < 0)
+-            goto exit_monitor;
++    if (virHostdevIsPCIDeviceWithIOMMUFD(hostdev)) {
++        if (objprops) {
++            if ((ret = qemuFDPassDirectTransferMonitor(priv->iommufd, priv->mon)) < 0)
++                goto exit_monitor;
+ 
+-        priv->iommufdState = true;
+-        removeiommufd = true;
++            if ((ret = qemuMonitorAddObject(priv->mon, &objprops, NULL)) < 0)
++                goto exit_monitor;
++
++            priv->iommufdState = true;
++            removeiommufd = true;
++        }
++
++        if ((ret = qemuFDPassDirectTransferMonitor(hostdevPriv->vfioDeviceFd, priv->mon)) < 0)
++            goto exit_monitor;
+     }
+ 
+-    if ((ret = qemuFDPassDirectTransferMonitor(hostdevPriv->vfioDeviceFd, priv->mon)) < 0)
+-        goto exit_monitor;
+-
+     if ((ret = qemuDomainAttachExtensionDevice(priv->mon, hostdev->info)) < 0)
+         goto exit_monitor;
+ 
+@@ -1682,15 +1685,17 @@ qemuDomainAttachHostPCIDevice(virQEMUDriver *driver,
+     if (teardownmemlock && qemuDomainAdjustMaxMemLock(vm) < 0)
+         VIR_WARN("Unable to reset maximum locked memory on hotplug fail");
+ 
+-    qemuDomainObjEnterMonitor(vm);
++    if (virHostdevIsPCIDeviceWithIOMMUFD(hostdev)) {
++        qemuDomainObjEnterMonitor(vm);
+ 
+-    if (removeiommufd)
+-        ignore_value(qemuMonitorDelObject(priv->mon, "iommufd0", false));
++        if (removeiommufd)
++            ignore_value(qemuMonitorDelObject(priv->mon, "iommufd0", false));
+ 
+-    qemuFDPassDirectTransferMonitorRollback(hostdevPriv->vfioDeviceFd, priv->mon);
+-    qemuFDPassDirectTransferMonitorRollback(priv->iommufd, priv->mon);
++        qemuFDPassDirectTransferMonitorRollback(hostdevPriv->vfioDeviceFd, priv->mon);
++        qemuFDPassDirectTransferMonitorRollback(priv->iommufd, priv->mon);
+ 
+-    qemuDomainObjExitMonitor(vm);
++        qemuDomainObjExitMonitor(vm);
++    }
+ 
+     if (releaseaddr)
+         qemuDomainReleaseDeviceAddress(vm, info);
+-- 
+2.53.0
diff --git a/libvirt.spec b/libvirt.spec
index f5fc5d4..120c6ac 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -294,7 +294,7 @@
 Summary: Library providing a simple virtualization API
 Name: libvirt
 Version: 11.10.0
-Release: 11%{?dist}%{?extra_release}
+Release: 12%{?dist}%{?extra_release}
 License: GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND OFL-1.1
 URL: https://libvirt.org/
 
@@ -378,6 +378,7 @@ Patch73: libvirt-tests-properly-mock-VFIO-and-IOMMU-checks.patch
 Patch74: libvirt-iommufd-fix-FD-leak-in-case-of-error.patch
 Patch75: libvirt-domain_conf-initialize-network-hostdev-private-data.patch
 Patch76: libvirt-qemu_hotplug-enter-monitor-in-order-to-rollback-passed-FD.patch
+Patch77: libvirt-qemu_hotplug-Fix-crash-when-attaching-network-inteface-with-hostdev-network.patch
 
 
 Requires: libvirt-daemon = %{version}-%{release}
@@ -2769,6 +2770,9 @@ exit 0
 %endif
 
 %changelog
+* Tue Mar 10 2026 Jiri Denemark <jdenemar@redhat.com> - 11.10.0-12
+- qemu_hotplug: Fix crash when attaching network inteface with hostdev network (RHEL-151953)
+
 * Fri Mar  6 2026 Jiri Denemark <jdenemar@redhat.com> - 11.10.0-11
 - domain_conf: initialize network hostdev private data (RHEL-151953)
 - qemu_hotplug: enter monitor in order to rollback passed FD (RHEL-151953)