The first half of the 4.17 merge window

Bugs are fixed when found, and actively fuzzed for. This covers untrusted data as in corrupted-on-purpose filesystem images. It is still a large surface where bugs can stay undetected for quite a while when one is not lucky.

However, if you want to not trust ACLs, owners, modes, device inodes, etc. then you are to mount the filesystem with the proper options. It is userspace's responsibility.

User-mounted Vfat, udf and iso filesystems are usually handled as unsafe well enough. Ext, btrfs, xfs... it depends. Again, for the better or for the worse, it is on userspace to select the appropriate mount policy.

And the kernel does allow per-usb-port activation control, including whitelist-based. Again, you need userspace to set this policy...