security.syscalls.intercept.mknod still doesn't work

I reported an issue with security.syscalls.intercept.mknod misbehaving/not functioning as intended with anything beyond 5.15 LTS some time ago, and now I’ve tested it again with the new 6.1 LTS and it still doesn’t work, so I thought I might just mention it again 🙂

@brauner ideas?

Starting from kernel v5.19, it’s possible to mount overlayfs on top of idmapped layers. So my suspicion is that this is the issue. The mknod emulation might be insufficient in this case to get the right permissions.

I just pulled 5.17.9 from the Arch Linux archives and ran some tests, and it seems like everything works there, so your suspicion may be well placed. 👍