In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Fix host stage-2 PGD refcount
The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is currently managed by EL2 as a single high-order compound page, which can cause the refcount of the tail pages to reach 0 when they shouldn't, hence corrupting the page-table.
Fix this by introducing a new hypsplitpage() helper in the EL2 page allocator (matching the kernel's splitpage() function), and make use of it from hosts2zallocpages_exact().