diff --git a/pkg/security/ebpf/c/include/helpers/network.h b/pkg/security/ebpf/c/include/helpers/network.h
index 1198e49d41071..21e39e8591654 100644
--- a/pkg/security/ebpf/c/include/helpers/network.h
+++ b/pkg/security/ebpf/c/include/helpers/network.h
@@ -5,7 +5,7 @@
 #include "constants/macros.h"
 #include "maps.h"
-__attribute__((always_inline)) u32 get_flow_pid(struct pid_route_t *key) {
+__attribute__((always_inline)) s64 get_flow_pid(struct pid_route_t *key) {
 u32 *value = bpf_map_lookup_elem(&flow_pid, key);
 if (!value) {
 // Try with IP set to 0.0.0.0
@@ -13,7 +13,7 @@ __attribute__((always_inline)) u32 get_flow_pid(struct pid_route_t *key) {
 key->addr[1] = 0;
 value = bpf_map_lookup_elem(&flow_pid, key);
 if (!value) {
- return 0;
+ return -1;
 }
 }
@@ -63,8 +63,13 @@ __attribute__((always_inline)) struct packet_t *reset_packet() {
 }
 __attribute__((always_inline)) void fill_network_process_context(struct process_context_t *process, struct packet_t *pkt) {
- process->pid = pkt->pid;
- process->tid = pkt->pid;
+ if (pkt->pid >= 0) {
+ process->pid = pkt->pid;
+ process->tid = pkt->pid;
+ } else {
+ process->pid = 0;
+ process->tid = 0;
+ }
 process->netns = pkt->translated_ns_flow.netns;
 }
diff --git a/pkg/security/ebpf/c/include/hooks/network/tc.h b/pkg/security/ebpf/c/include/hooks/network/tc.h
index 2bb8f8b5791c8..1ed6bdd8d0c66 100644
--- a/pkg/security/ebpf/c/include/hooks/network/tc.h
+++ b/pkg/security/ebpf/c/include/hooks/network/tc.h
@@ -60,6 +60,11 @@ int classifier_raw_packet_ingress(struct __sk_buff *skb) {
 return ACT_OK;
 }
+ // do not handle packet without process context
+ if (pkt->pid < 0) {
+ return ACT_OK;
+ }
+
 if (prepare_raw_packet_event(skb) != ACT_OK) {
 return ACT_OK;
 }
@@ -76,6 +81,11 @@ int classifier_raw_packet_egress(struct __sk_buff *skb) {
 return ACT_OK;
 }
+ // do not handle packet without process context
+ if (pkt->pid < 0) {
+ return ACT_OK;
+ }
+
 if (prepare_raw_packet_event(skb) != ACT_OK) {
 return ACT_OK;
 }
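Review bot: get_flow_pid in helpers/network.h now reports a miss with `-1` (the signature change in the first hunk and the `return -1;` in the second), but neither hunk documents that contract. The only consumer this patch visibly widens is `packet_t.pid`, so any other caller that still stores the result in a `u32` would read the miss as pid 4294967295 instead of "no process". I would add a comment above the function, for example `// Returns the pid owning the flow, or -1 when flow_pid has no entry for the key (exact address or the 0.0.0.0 fallback).`, and give the sentinel a name rather than a bare literal. The end of the function body, including the success return, is outside both hunks, so the remaining callers need checking by hand.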
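Review bot: In fill_network_process_context the added `process->pid = pkt->pid;` and `process->tid = pkt->pid;` now assign from an `s64`. If those fields are still 32-bit (their declaration is not in this patch), the narrowing is implicit. The else branch also folds "no owning process" into pid 0 without saying so, which leaves user space unable to tell an unresolved flow from a genuine pid 0. The two branches collapse to `u32 pid = pkt->pid < 0 ? 0 : (u32)pkt->pid;` followed by `process->pid = pid;` and `process->tid = pid;`, with a comment such as `// unresolved flows are reported with pid 0`.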
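Review bot: The new `if (pkt->pid < 0) { return ACT_OK; }` guard in classifier_raw_packet_ingress, and the identical one in classifier_raw_packet_egress, drops the packet from raw-packet evaluation without recording it. Any flow with no flow_pid entry therefore becomes a silent gap in raw packet rule coverage, and an operator cannot see how large that gap is. The comment should state this consequence, for example `// no flow_pid entry for this flow: skip raw packet rules (pid-less traffic is intentionally not reported)`. I would also count these early returns in whatever per-CPU statistics this program already exports, if it has any. The duplicated guard could live in one small always-inline helper shared by both classifiers. Both function bodies start and end outside their hunks, so where `pkt->pid` is populated is not visible here.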
diff --git a/pkg/security/ebpf/c/include/structs/network.h b/pkg/security/ebpf/c/include/structs/network.h
index 9efed0aa257b3..c2c2293e04673 100644
--- a/pkg/security/ebpf/c/include/structs/network.h
+++ b/pkg/security/ebpf/c/include/structs/network.h
@@ -64,7 +64,7 @@ struct packet_t {
 struct namespaced_flow_t translated_ns_flow;
 u32 offset;
- u32 pid;
+ s64 pid;
 u32 payload_len;
 u16 l4_protocol;
 };
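Review bot: Widening `pid` to `s64` between `u32 offset;` and `u32 payload_len;` changes the layout of `struct packet_t`. Depending on the size of the members above it (the start of the struct is outside the hunk), the compiler will likely insert a 4-byte hole before `pid` and more tail padding after `l4_protocol`. If this struct is ever copied into a map value or an event buffer, implicit padding is worth avoiding, so I would either move the 8-byte member ahead of the 32-bit ones or make the padding explicit. The field also needs a comment giving its meaning, e.g. `s64 pid; // owning pid from flow_pid, or -1 when the flow could not be resolved`. A signed 32-bit type could carry the same sentinel without growing the struct, provided the values stored in flow_pid are known to fit.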