The only code that must run in kernel mode is the one that was loaded on pages that are protected to restrict access to kernel mode.
If you can execute the kernel mode callback function, this will open the door for all kinds of security holes.