I don’t know if the vulnerability you’re describing can be exploited in real-world conditions against LND nodes pre 0.17.0 or post 0.17.0
The lightning specification (BOLT8) is already setting the maximum lightning message size at 65535 bytes (cf. bolts/08-transport.md at c562d91ace0e95bec3c6f8758969eaf3627f23c8 · lightning/bolts · GitHub). LND Onion Bomb (onion paylaod >= 4 GB) have to be carried on to the LND node either through a update_add_htlc (BOLT2) or onion_message (BOLT4). All those messages are encrypted under Noise_XK encrypted and authenticated transport.
The protocol does not support messages fragmented over multiple transport frames so far. I don’t know if the fuzz target has been written directly as a half-peer lightning connection stack.