diff --git a/ChangeLog.d/md_setup-leak.txt b/ChangeLog.d/md_setup-leak.txt
new file mode 100644
index 000000000..5111d8ef8
--- /dev/null
+++ b/ChangeLog.d/md_setup-leak.txt
@@ -0,0 +1,3 @@
+Bugfix
+   * Fix a memory leak in mbedtls_md_setup() when using HMAC under low memory
+     conditions. Reported and fix suggested by Guido Vranken in #3486.
diff --git a/library/md.c b/library/md.c
index 3eb0fe389..0b9f3daa3 100644
--- a/library/md.c
+++ b/library/md.c
@@ -413,6 +413,10 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
     if( md_info == NULL || ctx == NULL )
         return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
 
+    ctx->md_info = md_info;
+    ctx->md_ctx = NULL;
+    ctx->hmac_ctx = NULL;
+
     switch( md_info->type )
     {
 #if defined(MBEDTLS_MD2_C)
@@ -468,8 +472,6 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
         }
     }
 
-    ctx->md_info = md_info;
-
     return( 0 );
 }
 #undef ALLOC