2

Many of you know the recent and dangerous kernel exploit CVE-2010-3081.

See /.

What is the actual risk for a server?
Do we have to urgently patch all systems?

Or, since it seems only a local user may gain root access, are standalone servers pretty safe?

Déjà vu

1 Answer

4

Seems like it's only locally exploitable, but that actually means "exploitable by locally running code" - if you let people upload and run CGIs on your system, you're screwed anyway.

If no code can get on your system from the outside, you're ok. Example: database server that only exposes the MySQL TCP socket should be safe (that's IMHO, you have to do your homework).

Personally I don't run any 32-bit code on x86_64 servers, so I actually never had compatibility compiled in any of my kernels, just like I do for any feature I'm not actively using (yes I do roll my own kernels for prod systems).

Luke404
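The answer's point about not compiling 32-bit compatibility into x86_64 kernels can be checked from a kernel's build configuration. The script below is an added example, not part of the original answer; it assumes the relevant options are `CONFIG_IA32_EMULATION` and `CONFIG_COMPAT`, and that the config is available at `/proc/config.gz` or `/boot/config-<release>`.

```shell
#!/bin/sh
# Added example: report whether 32-bit compatibility is compiled into an
# x86_64 kernel, by reading its build configuration.

# opt_state FILE OPTION -> prints "y", "m" or "n" (n = "is not set" or absent)
opt_state() {
    val=$(sed -n "s/^$2=\([ym]\)\$/\1/p" "$1" | head -n 1)
    printf '%s\n' "${val:-n}"
}

# compat_status FILE -> prints "enabled" or "disabled"; returns 2 if unreadable
compat_status() {
    [ -r "$1" ] || { echo "unreadable"; return 2; }
    # CONFIG_IA32_EMULATION: run 32-bit binaries on an x86_64 kernel.
    # CONFIG_COMPAT: the 32-bit syscall compatibility layer.
    for opt in CONFIG_IA32_EMULATION CONFIG_COMPAT; do
        if [ "$(opt_state "$1" "$opt")" != "n" ]; then
            echo "enabled"
            return 0
        fi
    done
    echo "disabled"
}

# check_running_kernel: locate the running kernel's config and report on it.
check_running_kernel() {
    rel=$(uname -r)
    if [ -r /proc/config.gz ]; then          # requires CONFIG_IKCONFIG_PROC
        tmp=$(mktemp) || return 2
        gzip -dc /proc/config.gz > "$tmp"
        status=$(compat_status "$tmp"); rm -f "$tmp"
    elif [ -r "/boot/config-$rel" ]; then    # common distro location (assumed)
        status=$(compat_status "/boot/config-$rel")
    else
        echo "$rel: no kernel config found" >&2
        return 2
    fi
    echo "$rel: 32-bit compat $status"
}

# Run against the live kernel only when asked: sh script.sh --run
if [ "${1:-}" = "--run" ]; then check_running_kernel; fi
```

A result of "disabled" only describes the kernel whose config was read, so run it per host or per kernel image rather than once per fleet.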