The article also explains this. It seems to be possible to get a much smaller distance if you eat up a lot of stack space using large execve arguments for example (this might be wrong, I haven't 100% understood all details yet). But the article has a POC for ping.
(But e.g. ping doesn't >128MB .data+.bss? ;) )