diff --git a/bpf/handler-bpfeb.o b/bpf/handler-bpfeb.o
index 1b1c415..423dd61 100644
Binary files a/bpf/handler-bpfeb.o and b/bpf/handler-bpfeb.o differ
diff --git a/bpf/handler-bpfel.o b/bpf/handler-bpfel.o
index a31c7e3..135e9c3 100644
Binary files a/bpf/handler-bpfel.o and b/bpf/handler-bpfel.o differ
diff --git a/bpf/handler.c b/bpf/handler.c
index 43a7a4c..f66dd3e 100644
--- a/bpf/handler.c
+++ b/bpf/handler.c
@@ -134,6 +134,8 @@ static void log(const char *fmt, u32 fmt_size, u32 arg0, u32 arg1, u32 arg2) {
   }
   // Copy the fmt string into the log entry.
+  // NOTE: bpf_snprintf is not supported in some of the lower kernel versions
+  // we claim to support, so we have to do it this way.
   ret = bpf_probe_read_kernel_str(&entry->fmt, sizeof(entry->fmt), fmt);
   if (ret < 0) {
     bpf_printk("could not read fmt into log struct: %d", ret);
@@ -245,7 +247,7 @@ s32 enter_execve(struct exec_info *ctx) {
   // Write the filename in addition to argv[0] because the filename contains
   // the full path to the file which could be more useful in some situations.
-  ret = bpf_probe_read_user_str(event->filename, sizeof(event->filename), ctx->filename);
+  ret = bpf_probe_read_user_str(&event->filename, sizeof(event->filename), ctx->filename);
   if (ret < 0) {
     LOG1("could not read filename into event struct: %d", ret);
     bpf_ringbuf_discard(event, 0);
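Review bot: The rewritten bpf_probe_read_user_str call in enter_execve still only checks `ret < 0`, so a path longer than sizeof(event->filename) is silently truncated — the helper NUL-terminates at the buffer size and reports that size as its return value — and the exec event is emitted with no indication that the recorded path is incomplete, which matters for anything auditing the full executable path. I would at least document it at the call site, `// NOTE: a filename longer than sizeof(event->filename) is truncated; ret == sizeof(event->filename) signals possible truncation.`, and if the event struct has room for it, record a truncation flag for consumers. The switch from `event->filename` to `&event->filename` is address-equivalent only if filename is an inline array (which the sizeof usage suggests) and matches the `&entry->fmt` form in the log() hunk, so it reads as a consistency fix rather than a behaviour change. enter_execve's body starts and ends outside the hunk.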