diff --git a/pkg/network/ebpf/c/shared-libraries/probes.h b/pkg/network/ebpf/c/shared-libraries/probes.h
index 6c28101dc5b832..756f5c6f9f38dd 100644
--- a/pkg/network/ebpf/c/shared-libraries/probes.h
+++ b/pkg/network/ebpf/c/shared-libraries/probes.h
@@ -131,6 +131,20 @@ int tracepoint__syscalls__sys_exit_openat(exit_sys_ctx *args) {
 return 0;
 }
 
+SEC("tracepoint/syscalls/sys_enter_openat2")
+int tracepoint__syscalls__sys_enter_openat2(enter_sys_openat2_ctx *args) {
+ CHECK_BPF_PROGRAM_BYPASSED()
+ do_sys_open_helper_enter(args->filename);
+ return 0;
+}
+
+SEC("tracepoint/syscalls/sys_exit_openat2")
+int tracepoint__syscalls__sys_exit_openat2(exit_sys_ctx *args) {
+ CHECK_BPF_PROGRAM_BYPASSED()
+ do_sys_open_helper_exit(args);
+ return 0;
+}
+
 SEC("fexit/do_sys_openat2")
 int BPF_BYPASSABLE_PROG(do_sys_openat2_exit, int dirfd, const char *pathname, void *how, long ret) {
 lib_path_t path = { 0 };
diff --git a/pkg/network/ebpf/c/shared-libraries/types.h b/pkg/network/ebpf/c/shared-libraries/types.h
index 35cf8557238b5c..ea2159d5d07eb7 100644
--- a/pkg/network/ebpf/c/shared-libraries/types.h
+++ b/pkg/network/ebpf/c/shared-libraries/types.h
@@ -37,6 +37,19 @@ typedef struct {
 int mode;
 } enter_sys_openat_ctx;
 
+typedef struct {
+ unsigned short common_type;
+ unsigned char common_flags;
+ unsigned char common_preempt_count;
+ int common_pid;
+ long __syscall_nr;
+
+ int dfd;
+ const char* filename;
+ void *how;
+ size_t usize;
+} enter_sys_openat2_ctx;
+
 typedef struct {
 unsigned short common_type;
 unsigned char common_flags;
diff --git a/pkg/network/usm/sharedlibraries/ebpf.go b/pkg/network/usm/sharedlibraries/ebpf.go
index ccf6de6fa67eba..30ed46b4de8995 100644
--- a/pkg/network/usm/sharedlibraries/ebpf.go
+++ b/pkg/network/usm/sharedlibraries/ebpf.go
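Review bot: The two openat2 tracepoint programs added to probes.h carry no comment on how they relate to the `fexit/do_sys_openat2` program directly below them, and `tracepoint__syscalls__sys_enter_openat2` forwards only `args->filename` while `dfd` and `how` go unused. Judging by the ebpf.go hunks, these are the fallback used when the fexit program is not enabled, so I would say so above the enter program: `/* Tracepoint fallback for openat2(2); records the caller-supplied filename only, dfd and how are not consulted. */`. The distinction matters to whoever consumes the captured path, because it is the string the process passed in rather than a path resolved under the `how` flags, and any resolution or validation has to happen later (presumably on the Go side, which this diff does not show).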
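Review bot: `enter_sys_openat2_ctx` in types.h relies on implicit compiler padding to match the kernel's tracepoint record, since `int dfd` is followed by a pointer and `filename` only lands in the expected slot because of alignment. Nothing in the hunk documents or checks that assumption. I would add a comment such as `/* Layout mirrors the sys_enter_openat2 tracepoint format; on 64-bit targets each syscall argument occupies 8 bytes. */` so a later change to a field type does not silently make `args->filename` read the wrong offset.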
@@ -549,23 +549,20 @@ func (e *EbpfProgram) initPrebuilt() error {
 
 func sysOpenAt2Supported() bool {
 missing, err := ddebpf.VerifyKernelFuncs("do_sys_openat2")
- if err == nil && len(missing) == 0 {
- return true
- }
+ return err == nil && len(missing) == 0
+}
 
+func isFexitSupported() bool {
 kversion, err := kernel.HostVersion()
-
- if err != nil {
- log.Error("could not determine the current kernel version. fallback to do_sys_open")
- return false
- }
-
- return kversion >= kernel.VersionCode(5, 6, 0)
+ return err == nil && kversion >= kernel.VersionCode(5, 5, 0)
 }
 
 // getSysOpenHooksIdentifiers returns the enter and exit tracepoints for supported open*
 // system calls.
 func (e *EbpfProgram) initializedProbes() {
+ openat2Supported := sysOpenAt2Supported()
+ fexitSupported := isFexitSupported()
+
 advancedProbes := []manager.ProbeIdentificationPair{
 {
 EBPFFuncName: fmt.Sprintf("do_sys_%s_exit", openat2SysCall),
@@ -574,6 +571,9 @@ func (e *EbpfProgram) initializedProbes() {
 }
 
 openatProbes := []string{openatSysCall}
+ if openat2Supported {
+ openatProbes = append(openatProbes, openat2SysCall)
+ }
 // amd64 has open(2), arm64 doesn't
 if runtime.GOARCH == "amd64" {
 openatProbes = append(openatProbes, openSysCall)
@@ -589,7 +589,7 @@ func (e *EbpfProgram) initializedProbes() {
 }
 }
 
- if sysOpenAt2Supported() {
+ if fexitSupported && openat2Supported {
 e.enabledProbes = advancedProbes
 e.disabledProbes = oldProbes
 } else {
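Review bot: Both capability checks in the first ebpf.go hunk now discard their error silently: `sysOpenAt2Supported` returns false when `ddebpf.VerifyKernelFuncs` fails, `isFexitSupported` returns false when `kernel.HostVersion` fails, and the `log.Error` that used to record the latter is removed. If the symbol check errors, the second hunk's `append(openatProbes, openat2SysCall)` is skipped and the third hunk's `fexitSupported && openat2Supported` test is false, so libraries opened through openat2 could go unobserved with nothing in the logs to explain it. I would keep a log line on each error path before returning false, for example `log.Warnf("could not determine kernel version, using tracepoint open hooks: %v", err)`. Separately, a kernel version of 5.5 or later is a coarse proxy for fexit, since loading an fexit program also depends on kernel BTF and on trampoline support for the architecture, and the hunk shows no fallback if that load fails. This is worth confirming on arm64, which the `runtime.GOARCH` comment suggests is a supported target. `isFexitSupported` also has no doc comment, and the `getSysOpenHooksIdentifiers` comment sits on `initializedProbes`, whose body continues outside the hunk.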