You don't go into detail around what ACLs you created other than the one in the screenshot. You stated a user base only had read-only access to tickets prior to attempting this change, which I'm assuming was done by a record level write ACL. To allow this user base access to work notes at the very minimum it would need:

- A record level write ACL for the new role

- A field level write ACL for work notes

- A field level write ACL for comments

- A field level * write ACL to re-lock down the other fields you just granted access to when the record level write ACL was created

Are all these ACLs in place? If so, it would be worth turning on Security Debugging and impersonating the user you're trying to get it to work with and navigate to a record. You should see an entry for record/[table name].work_notes/write at the bottom of the record view, similar to the image below. If there is a red cross in the top left corner, then the ACLs are failing. If this tick is green, then the inability to write is likely being caused by something client-side, such as a UI Policy or Client Script