Linux capabilities empower the holder to perform a set of specific
privileged operations while withholding the full power of root access; see
the
capabilities man page for a list of current capabilities and what they
control. There have been no capabilities added to the kernel since CAP_AUDIT_READ
was merged for 3.16 in 2014. That’s about to change with the 5.8 release,
though, which is set to contain two new capabilities; yet another is
currently under development.

Source: LWN.net – [$] A crop of new capabilities