Candidate: CVE-2009-2910 
Description:
 32-bit processes running on an x86_64 machine can see uncleared content in registers
 R8-R15.
References:
 http://www.openwall.com/lists/oss-security/2009/10/01/2
Notes:
 attackers can see all content passing thru these registers, so this may be somewhat
 urgent since it may be possible to piece the info together to recover passwords or
 other badness
Bugs:
upstream: released (2.6.31.4) [ee39c2f3e1e667314c018c9fd1e205c97e746bd2], released (2.6.32-rc4) [24e35800cdc4350fc34e2bed37b608a9e13ab3b6]
linux-2.6: released (2.6.31-1~experimental.2) [bugfix/all/stable/2.6.31.4.patch]
2.6.18-etch-security: ignored (EOL)
2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/x86-64-slightly-stream-line-32-bit-syscall-entry-code.patch, bugfix/don-t-leak-64-bit-kernel-register-values-to-32-bit-processes.patch]
2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/x86/x86-64-slightly-stream-line-32-bit-syscall-entry-code.patch, bugfix/x86/don-t-leak-64-bit-kernel-register-values-to-32-bit-processes.patch]