That a lot of programs fail a fuzz test is not news. See ftp://ftp.cs.wisc.edu/pub/paradyn/technical_papers/fuzz-r... (1995), which is also easy to find as a PDF if you prefer that format. The original 1990 paper located many of bugs, and provided fixes for many of them. Lots of people downloaded the information. Despite that many of the bugs were unfixed.
GNU did best (failure rate 6%) followed by Linux (failure rate 9%). Miller et al failed to mention that most Linux utulities *are* the GNU utilities, usually as compiled by gcc.