All,
LEDE noted that they will release a version 17.01.4 to resolve this.
This is a bug in the common implementation of the WPA2 protocol; though, a backwards-compatible fix can be implemented. For routers and other embedded devices, this requires a new firmware to be released by the manufacturers. For phones, the manufacturers must release an update. Operating systems can be updated. It should be borne in mind, that the fix for routers only resolves the security problem if the device is being used as a Wired Bridge (e.g. the device is a client of another access point). Therefore, it's very important to patch clients on the WLAN, as well as the router.
If you use devices that are WiFi-enabled, which manufactures have/will not not provide an upgrade - you should no longer consider their data to be secure over-the-air.
Also, quite a few devices have a bug in the dnsmasq DHCP client software. Updates for this are being released by router manufacturers as well (LEDE released an update for this in 17.01.3).
73,
- Lynwood KB3VWG