Does this problem still exist on GPT disk?
No. To understand why, you need to understand how booting works on MBR and EFI.
With MBR your CPU will read the first (master boot) sector of a bootable drive and start executing it as raw x86 assembler code.
With EFI, your CPU will run the EFI firmware which (when no EFI variables are yet stored) will try to find an EFI system partition (usually FAT32) on the first drive or a drive marked as default. Then on this partition the EFI/Boot/BOOTX64.EFI file will be executed.
EFI boot records could specify other boot loaders in this format:
Boot0001* : "$OS_Full_Name" : $DEVICE(1,GPT,$UUID,0x800,0x63801)/File(\EFI\$OS_NAME\$BOOTFILE)
Which means with EFI you no longer need a dedicated boot loader - EFI itself can manage multiple installed OSes seamlessly.
Is the /boot the only space boot virus can hide in?
For most Linux distros /boot is yet another partition which contains only Linux kernels and initial ram disks. With EFI you must have /boot/efi - it's where your system EFI partition is mounted and where viruses can possibly reside.
You can zip -9r /tmp/efi.zip /boot/efi and upload the resulting file to virustotal.com to make sure your system is most likely malware free.
Malware nowadays can infect:
- Your EFI firmware itself (if you're targeted by special orgs or groups, you may have malware even in your SSD/HDD firmware)
- Any EFI boot loader in /boot/efi (EFI System partition)
- Your Linux kernel, initial ram disk or any system files on your Linux partition
/boot partition and to my knowledge does not contain the GPT.
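
As a complement to the one-off VirusTotal upload suggested in the answer, a hash baseline of the EFI System Partition shows when any boot loader file has been added, removed or modified since a known-good state. This is an added example, not part of the original answer; it assumes the ESP is mounted at /boot/efi and that sha256sum and awk are installed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: integrity baseline for the EFI System Partition (ESP).
# Assumption: the ESP is mounted at /boot/efi, as in the answer above.

# Print "sha256  ./relative/path" for every regular file under DIR, sorted by path.
esp_manifest() {
    ( cd "$1" || exit 1
      find . -type f -exec sha256sum {} + | sort -k 2 )
}

# Compare a baseline manifest with a current one.
# Prints one line per ADDED, CHANGED or REMOVED file.
# Returns 0 when the manifests match, 1 when anything differs.
esp_compare() {
    awk '
        FILENAME == ARGV[1] {            # first file: remember baseline hashes
            h = $1; sub(/^[^ ]+ +/, ""); old[$0] = h; next
        }
        {                                # second file: current state
            h = $1; sub(/^[^ ]+ +/, ""); seen[$0] = 1
            if (!($0 in old))      { print "ADDED   " $0; bad = 1 }
            else if (old[$0] != h) { print "CHANGED " $0; bad = 1 }
        }
        END {
            for (p in old) if (!(p in seen)) { print "REMOVED " p; bad = 1 }
            exit bad
        }
    ' "$1" "$2"
}

# Command-line use (run as root so every file on the ESP is readable):
#   sh esp-check.sh baseline [ESP_DIR]  > esp.baseline   # on a known-good system
#   sh esp-check.sh check esp.baseline [ESP_DIR]         # later; non-zero exit on drift
case "${1:-}" in
    baseline) esp_manifest "${2:-/boot/efi}" ;;
    check)    esp_manifest "${3:-/boot/efi}" | esp_compare "$2" - ;;
esac
```

This covers only files on the ESP; the firmware-level infections in the first bullet are outside what a check run from the installed OS can see. Keep the baseline file off the machine being checked, so that whoever can modify the ESP cannot also rewrite the baseline.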