I confirmed I was correct by making a small patch to libedit and recompiling libedit and installing the custom rpm. It indeed fixes this bug, without any changes to mysql. The bug is for sure in libedit. The bug is for sure the issetugid-related code.
My patch to libedit-20210419-3.1.tar.gz is attached. Note: this patch is almost certainly a security hole as I don't address the reason that setuid stuff is in there in the first place. Consider it a PoC and not something you should use unless you know what you are doing. I would expect the upstream to come up with a real fix shortly.
tecpatchlibedit
Description: Binary data
