diff --git a/oci/caps/utils.go b/oci/caps/utils.go
index 3d337b5dd1..9ccb02e04d 100644
--- a/oci/caps/utils.go
+++ b/oci/caps/utils.go
@@ -12,19 +12,26 @@ var capabilityList Capabilities
 
 func init() {
 	last := capability.CAP_LAST_CAP
-	for _, c := range capability.List() {
+	rawCaps := capability.List()
+	capabilityList = make(Capabilities, min(int(last+1), len(rawCaps)))
+	for i, c := range rawCaps {
 		if c > last {
 			continue
 		}
-		capabilityList = append(capabilityList,
-			&CapabilityMapping{
-				Key:   "CAP_" + strings.ToUpper(c.String()),
-				Value: c,
-			},
-		)
+		capabilityList[i] = &CapabilityMapping{
+			Key:   "CAP_" + strings.ToUpper(c.String()),
+			Value: c,
+		}
 	}
 }
 
+func min(a, b int) int {
+	if a < b {
+		return a
+	}
+	return b
+}
+
 type (
 	// CapabilityMapping maps linux capability name to its value of capability.Cap type
 	// Capabilities is one of the security systems in Linux Security Module (LSM)