diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e14508353d..95f9740633 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3804,9 +3804,14 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
 exit:
 
     /* In case the operation fails and the user fails to check for failure or
-     * the zero tag size, make sure the tag is set to something impossible. */
+     * the zero tag size, make sure the tag is set to something impossible.
+     * Even if the operation succeeds, make sure we set the rest of the
+     * buffer to something impossible to prevent potential leakage of
+     * anything previously placed in the same buffer.*/
     if( status != PSA_SUCCESS )
-        memset(tag, '!', tag_size);
+        memset( tag, '!', tag_size );
+    else if( *tag_length < tag_size )
+        memset( tag + *tag_length, '!', ( tag_size - *tag_length ) );
 
     psa_aead_abort( operation );