diff --git a/components/freertos/FreeRTOS-Kernel/sbom.yml b/components/freertos/FreeRTOS-Kernel/sbom.yml
new file mode 100644
index 0000000000..d04a72557f
--- /dev/null
+++ b/components/freertos/FreeRTOS-Kernel/sbom.yml
@@ -0,0 +1,9 @@
+name: 'freertos'
+version: '10.4.3'
+cpe: cpe:2.3:o:amazon:freertos:{}:*:*:*:*:*:*:*
+supplier: 'Organization: Espressif Systems (Shanghai) CO LTD'
+originator: 'Organization: Amazon Web Services'
+description: An open-source, real-time operating system (RTOS) with additional features and patches from Espressif.
+cve-exclude-list:
+  - cve: CVE-2021-43997
+    reason: This vulnerability only affects ARMv7-M and ARMv8-M ports of FreeRTOS and hence does not affect Espressif SoCs which are not based on these architectures.