Yes, and there are several reasons. First ICMP is not used as much as UDP or TCP. As a result, it is more likely to have security related bugs lurking in the handling of ICMP than th handling of TCP and UDP.
Secondly, most vulnerability related to application layer protocols (such as SSH, HTTP, SMTP and etc.) can be somewhat confined because daemons responding to those protocols run at a non-administrator level. However, the handling of ICMP is a part of a kernel driver. This means that if there is a vulnerability associated with the handling of ICMP, it is likely to lead to administrator-mode exploits. This, in return, can cause some serious damage like the installation of root kits.