Why does ping require the setuid bit?

9

3

In the Jessie version for the Raspberry Pi, ping requires the setuid bit to be set. What is the rationale for this?

Old Geezer

Posted 2016-02-05T09:02:19.980

Reputation: 613

Answers

15

ping needs to generate and receive ICMP packets, and usually that's done using "raw sockets" – a feature limited to root (cap_net_raw) because it could also be abused to sniff and disrupt other traffic on the system.

Many distributions now just give ping the cap_net_raw privilege (see capabilities(7) and getcap(8) manual pages) instead of full setuid root. This however needs both the kernel and the filesystem to support extended attributes (xattrs), and some "minimal" systems disable those.

Also, recently a special "ICMP" socket type was added that allows sending ICMP Echo messages only, without any additional privileges. The ping command hasn't been updated for it yet though.

user1686

Posted 2016-02-05T09:02:19.980

Reputation: 283 655

I think capabilities(7) doesn't use xattrs. – ggg – 2016-10-16T21:38:39.813

@ggg: But it does. Try getfattr --dump --match=.* /sbin/ping. – user1686 – 2016-10-17T07:11:11.637
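To make the setuid-versus-capability distinction in the answer and the xattr point in the comments concrete, here is an added example (not part of the original answer or comments) that decodes the security.capability extended attribute and reports how a binary obtains its privilege. The function names are illustrative; the layout follows struct vfs_cap_data from linux/capability.h, and the sample bytes are constructed.

```python
import os
import stat
import struct
import sys

CAP_NET_RAW = 13                    # bit number from <linux/capability.h>
VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
REVISION_PAIRS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}  # 32-bit pairs per revision


def parse_vfs_cap(blob):
    """Decode a security.capability xattr value (struct vfs_cap_data, little-endian)."""
    magic = int.from_bytes(blob[:4], "little")
    pairs = REVISION_PAIRS.get(magic & VFS_CAP_REVISION_MASK)
    if pairs is None or len(blob) < 4 + 8 * pairs:
        raise ValueError("unknown revision or truncated xattr")
    permitted = inheritable = 0
    for i in range(pairs):          # each pair is (permitted, inheritable) for 32 capability bits
        p, inh = struct.unpack_from("<II", blob, 4 + 8 * i)
        permitted |= p << (32 * i)
        inheritable |= inh << (32 * i)
    return {"effective": bool(magic & VFS_CAP_FLAGS_EFFECTIVE),
            "permitted": permitted, "inheritable": inheritable}


def has_net_raw(caps):
    """True when CAP_NET_RAW is in the file's permitted set."""
    return bool(caps["permitted"] >> CAP_NET_RAW & 1)


def audit(path):
    """Report how a binary gets its privilege: setuid root, file capability, or neither."""
    st = os.stat(path)
    if st.st_mode & stat.S_ISUID and st.st_uid == 0:
        return "setuid root"
    try:
        caps = parse_vfs_cap(os.getxattr(path, "security.capability"))
    except OSError:                 # no such xattr, or filesystem without xattr support
        return "no setuid bit, no file capabilities"
    return "cap_net_raw file capability" if has_net_raw(caps) else "other file capabilities"


# Constructed sample: the 20-byte value a cap_net_raw+ep grant would store (revision 2).
SAMPLE = struct.pack("<IIIII", 0x02000001, 1 << CAP_NET_RAW, 0, 0, 0)

if __name__ == "__main__":
    for target in sys.argv[1:]:
        print(target, "->", audit(target))
```

Run it with one or more paths (for example /bin/ping) to see which mechanism a given system uses.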