Aspects of the disclosure provide for mechanisms for memory protection of virtual machines in a computer system. A first host page table and a second host page table is generated by a processing device running a hypervisor in view of a guest page table associated with a virtual machine. The first host page table includes a first mapping corresponding to a privileged page of a guest memory and a second mapping corresponding to an unprivileged page of the guest memory. The second host page table includes a third mapping corresponding to the unprivileged page of the guest memory. The first host page table is associated with the virtual machine. In response to detecting a transition from a first guest mode to a second guest mode by the virtual machine, the virtual machine is associated with the second page table.