The vulnerability takes advantage of the four-way handshakes that are used by WiFi networks to create a new session key. Hackers are able to trick a victim by manipulating and replaying handshake messages in order to get them to reinstall a key that is already in use. When this happens, parameters like the incremental transmit packet number and receive private number are then reset to their initial value.
While there has so far been no indication that this vulnerability has been exploited in the wild, security researchers are alerting vendors that it exists, which will hopefully lead to security updates in order to patch it. Until then, they suggest checking whether keys that are already in use are being installed or making sure that any individual key is only installed one time during the handshake execution.