In the Linux kernel, the following vulnerability has been resolved: ublk: don't allow user copy for unprivileged device UBLK_F_USER_COPY requires userspace to call write() on ublk char device for filling request buffer, and unprivileged device can't be trusted. So don't allow user copy for unprivileged device.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024102936-CVE-2024-50080-72ba@gregkh/T