diff --git a/private/virtualizationmanager.te b/private/virtualizationmanager.te
index 72cc0a6b9..9b3cfcff8 100644
--- a/private/virtualizationmanager.te
+++ b/private/virtualizationmanager.te
@@ -61,6 +61,7 @@ dontaudit virtualizationmanager self:dir write;
 # Let virtualizationmanager to accept vsock connection from the guest VMs
 allow virtualizationmanager self:vsock_socket { create_socket_perms_no_ioctl listen accept };
+neverallow { domain -virtualizationmanager } virtualizationmanager:vsock_socket { accept bind create connect listen };
 # Allow virtualizationmanager to inspect all hypervisor capabilities.
 get_prop(virtualizationmanager, hypervisor_prop)
diff --git a/private/virtualizationservice.te b/private/virtualizationservice.te
index b5c04af96..f423c6672 100644
--- a/private/virtualizationservice.te
+++ b/private/virtualizationservice.te
@@ -83,6 +83,7 @@ allow virtualizationservice apex_virt_data_file:file create_file_perms;
 # Let virtualizationservice to accept vsock connection from the guest VMs to singleton services
 # such as the guest tombstone server.
 allow virtualizationservice self:vsock_socket { create_socket_perms_no_ioctl listen accept };
+neverallow { domain -virtualizationservice } virtualizationservice:vsock_socket { accept bind create connect listen };
 # Allow virtualizationservice to read/write its own sysprop. Only the process can do so.
 set_prop(virtualizationservice, virtualizationservice_prop)
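Review bot: The added `neverallow` in virtualizationmanager.te carries no comment stating what it guards, while every neighbouring rule in the hunk is introduced by one; the same applies to the parallel line in virtualizationservice.te. I would precede it with `# No other domain may create, bind, listen on, accept or connect a vsock socket labelled virtualizationmanager; guest VMs must only ever talk to the real manager process.` (mirroring it for virtualizationservice). The assertion also lists only `accept bind create connect listen`, so a future `allow` giving another domain `read write shutdown` on a passed-in virtualizationmanager vsock fd would still build; if that is deliberate (fd hand-off to a helper), the comment should say so, otherwise `read write` presumably belong in the set too. Note this is a build-time policy assertion, not a runtime denial, so it constrains future policy rather than current behaviour. Both hunks show only the surrounding rules, so the rest of each file is outside view.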