
A TOCTOU (Time-of-Check Time-of-Use) vulnerability is an example of which broader class?

  • 1. SQL injection
  • 2. Race condition ✓ correct
  • 3. Buffer overflow
  • 4. Path traversal

TOCTOU (Time-of-Check Time-of-Use) is a classic race condition: the program checks a condition (e.g. access('file.txt'), "does this user have permission to open this file?"), then uses the resource (e.g. open('file.txt')). An attacker who can replace the file between those two steps (e.g. swap it for a symlink to /etc/passwd) can trick the program into operating on a different resource than the one it checked. Fixes: use atomic operations that check and act in a single step (e.g. open() with the relevant flags, then check the resulting file descriptor rather than the path), or hold a lock across the check-and-use window.

Race condition — the state changes between the security check and the resource use.
