If you block some ICMP traffic, for firewalling or whatever reason, then traceroutes don’t fully work. They’re a mixture of UDP (the DNS lookups) and ICMP usually.
If you run traceroute -I yahoo.com or traceroute -T yahoo.com you should see different results (yahoo.com completes for me). This uses ICMP echo and TCP SYNs.
From the traceroute command’s man page on Linux:
In the modern network environment the traditional traceroute methods can not be always applicable, because of widespread use of
firewalls. Such firewalls filter the "unlikely" UDP ports, or even ICMP echoes. To solve this, some additional tracerouting methods are implemented (including tcp), see LIST OF AVAILABLE METHODS below. Such methods try to use particular protocol and
source/destination port, in order to bypass firewalls (to be seen by firewalls just as a start of allowed type of a network session).