Sharing a queue itself is not new https://www.kernel.org/doc/html/v5.8/networking/packet_mmap.... and https://docs.kernel.org/next/userspace-api/perf_ring_buffer.... are two examples.

Issues with io_uring security mostly stemmed from an old architecture and just the fact that there's a ton of surface area.

As you suspect, it's not awesome.

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=io_uring

binder shares a buffer between kernel and user space on billions of Android devices, and Android is by far the most secure Linux distribution.

There's nothing wrong with the general concept.